Is WiFiNINA certificate updater SW mandatory?

Hi,

Is the WiFi101 / WiFiNINA Firmaware/Certificates Updater mandatory to upload SSL root certificates to NANO 33 IoT? Is there any other way to do it. Using the Updater SW it's kind of frustrating...Could it be possible do it with some library and commands in the beginning of the .cpp?

What is the usual structure of the certificate?

AI recommends something like this (I was not able to get it work?):

#include <WiFiNINA.h>

const char* rootCA = \
"-----BEGIN CERTIFICATE-----\n"
"MIID....your root certificate data here...\n"
"-----END CERTIFICATE-----\n";

WiFiSSLClient client;

void setup() {
  Serial.begin(115200);
  while (!Serial);

  if (WiFi.status() == WL_NO_MODULE) {
    Serial.println("Communication with WiFi module failed!");
    while (true);
  }

  // Set the SSL certificate dynamically
  client.setRootCA(rootCA);

  if (client.connect("example.com", 443)) {
    Serial.println("Connected with custom root certificate!");
  } else {
    Serial.println("Connection failed.");
  }
}

void loop() {
}

What does AI say about the certificate?

Tried the code does not work.

It would be nice WiFiNINA.h would support certificate uploading with some command...At the moment it seems that it might be difficult? Don't know yet.

On thing that I noticed too is that when you compile the WiFiNINA firmware updater and when you try to upload the certificates it gives error many times to make sure that the firmware updater is uploaded and so on.....

...For me it helped when you take the USB cord off and plug it in after the firmware updater upload, then it usually doesn't give errors when uploading the SSL certificates...

Which AI? It's a shame that after scraping all that code, it has such poor knowledge of C++ syntax.

For the libraries that allow certs in code, it's usually in PEM format. Looks like this:

const char ISRG_ROOT_X1_CERT[] = R"(
-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE
BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD
EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG
EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT
DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r
Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1
3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K
b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN
Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ
4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf
1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu
hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH
usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r
OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G
A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY
9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV
0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt
hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw
TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx
e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA
JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD
YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n
JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ
m+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----
)";

(Internet Security Research Group are the folks behind Let's Encrypt.) It's Base64-encoded data between "fences".

But I don't see any functions in WiFiNINA that can use it. Looks like you are stuck uploading the certs.

Yes, I tried with PEM format. And I think the WiFiNINA does not have the support for it.

It would nice that if u select the board in arduino IDE it would then have all the supporting commands for the board.

I had to use Arduino 1.8.x version to get the WifININA updater function. Is it even available
on newer version of IDE...

The difficulty of WiFININA ssl
update makes the IoT 33 board quite
obsolote compared to ESP32 boards. SSL cerificates are needed all the time.

Could the IoT 33 firmware be updated so that it has native boot capabilities to update NINA-W102 chip SSL via .ino code? Official arduino board should support its own components natively?

It is getting more and more of a puzzle to
code with Arduino IDE...standalone simple coding is no more possible you need a lot of dependancies to make everything work:

-Arduino IDE 2.x.x
-Arduino IDE older version 1.x.x
-Firmware updater for a single chip in board
-Board support files
-Libraries
-Xcode (MacOS)
-JaVa
-etc...

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.