How to create cacert.h for ESP8266 secure TLS example


How is the following root CA file created?

https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/examples/HTTPSRequestCACert/CACert.ino

Here is one way to do it by hand. If you need to do this a lot, a Python script could probably do all of it.

In FireFox connect to "https:://api.github.com".

In the address bar, to the left of the URL, click on the circled 'i' icon for more information.

Click on the '>' icon.

Click on "More Information" button at the bottom of the window.

In the new window titled "Page Info - https://api.github.com", click on the "View Certificate" button.

In the "Certificate Viewer" window, click on the "Details" tab.

In the "Certificate Hierarchy" top window pane click on "DigiCert High Assurance EV Root CA" so it is highlighted.

Click on the "Export..." button at the bottom of the page.

At the bottom of the page select "X.509 Certificate (DER)" format then click on Save.

Use your favorite program to convert the binary DER format to ASCII. Here is what I do.

$ xxd -i DigiCertHighAssuranceEVRootCA.crt.der >cacert.h

Edit cacert.h to add PROGMEM and const keywords.

Comments

  1. UnknownJuly 5, 2020 at 6:27 AM

    Thank you very much for that! I have being looking for it for a long time.
    The link is now broken, this the new one:
    https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/examples/HTTPSRequestCACertAxTLS/CACert.ino

    ReplyDelete

Post a Comment

Popular posts from this blog

Defective Arduino USB Host Shield Boards

Image
UPDATE: The red wire is not needed. There are solder pads to the right of the reset button. Bridge the 5V pads to select 5V for VBUS PWR. In total, three blobs of solder are needed to make the shield work for 5V Arduinos. I received two new generic Arduino compatible USB host shields today. Both are defective. But they work after some troubleshooting. 1. After loading the USB_desc sketch, the debug message "OSC did not start." appears on the serial console. This means the USB host library cannot find the USB host hardware. I compared a defective board with a working board. One big difference is the 3.3V pads and 5V pads are not bridged on the defective board. This means the shield is not receiving power from the Uno! After bridging the pads, the board powers up. The error message "OSC did not start" does not appear. This means the USB host library found the USB host hardware. In the photo, the green boxes should contain one big solder blob. If there are
Read more

How to use USB RFID readers on an Arduino Uno

Image
1. Plug the RFID reader into a Windows PC. Does it work without installing drivers? Open any editor such as NotePad. Read a card or key fob by passing the card or key fob on or near the reader. Do the characters appear on the screen as if typed at a keyboard? Look in Device Manager. The reader should be listed as a USB keyboard. If all the above are true, it should work with a USB host shield and Uno running the USB HID keyboard sketch. The same procedure applies to bar code readers. Do not expect all USB RFID and bar code readers to work like USB keyboards. Some devices such as RFID reader/writers require special USB drivers so are not usable with the USB host shield. The simple RFID readers shown above, read the RFID unique serial number. No other fields are returned. The readers cannot write to the RFID card. In the photo, starting at the top, are a 125KHz RFID reader, a 13.56 MHz RFID reader, Arduino Uno, and Circuits@Home USB host shield. Both readers work with the USB
Read more