ESP8266 Community Forum

Hi all,
can anybody tell me how the value of the caCert[] variable in the CACert.ino file from the example https://github.com/esp8266/Arduino/blob ... CACert.ino was created? It seems to be a hexadecimal representation of the api.github.com root certificate in DER format. I want to connect to a different site with the WiFiClientSecure library but I don't know how to get the root certificate of this site converted into this format so that I can pass it to the WiFiClientSecure.setCACert_P function. And how to calculate the length of this certificate representation as defined in the same file and in this example "969"?

Thanks and best regards,
Michael

In FireFox connect to "https:://api.github.com".

In the address bar, to the left of the URL, click on the circled 'i' icon for more information.

Click on the '>' icon.

Click on "More Information" button at the bottom of the window.

In the new window titled "Page Info - https://api.github.com", click on the "View Certificate" button.

In the "Certificate Viewer" window, click on the "Details" tab.

In the "Certificate Hierarchy" top window pane click on "DigiCert High Assurance EV Root CA" so it is highlighted.

Click on the "Export..." button at the bottom of the page.

At the bottom of the page select "X.509 Certificate (DER)" format then click on Save.

Use your favorite program to convert the binary DER format to ASCII. Here is what I do.

$ xxd -i DigiCertHighAssuranceEVRootCA.crt.der >cacert.h

Edit cacert.h to add PROGMEM and const keywords.