I'm trying to make the Wii U's Browser usable again... but I have some questions about root certificate editing

Jediweirdo

Jediweirdo

Well-Known Member
OP
Newcomer
Level 4
Joined
Aug 3, 2021
Messages
90
Trophies
0
XP
476
Country
United States
I'm trying to get rid of the infamous 112-2035 error by editing the root certificates located on rootca.pem to include the certification "lets encrypt". The problem is, though, that I need to also include a cross-signed certificate of their parent company IdenTrust in order to get everything to work (as said in this comment)... And I have literally zero clue on how to even correctly edit the PEM file without my internet browser volunteering to contribute to the nearest brick house like this person's browser. Here are a few starting questions I have:

  • Is it actually OK to just copy/paste a certificate without also saying things like it's fingerprint and expiration date (like all the other certificates that Nintendo put on there before anyone else meddled with it)?
  • How the heck do you cross-sign a signature? Is it kind of like adding a regular one?
  • Will only using let's encrypt's certification actually get rid of the 112-2035 error code? Or did I even get that wrong too?

~~~~~~~Links n' Stuff~~~~~~~

https://gbatemp.net/threads/tutorial-add-custom-root-certs-to-the-wii-us-browser.468201/

https://gbatemp.net/threads/wii-u-browser-https-key-cert-update.540968/post-8679771
https://gbatemp.net/threads/i-need-...stom-root-certs-to-the-wii-us-browser.582076/


This is my first time using spoiler tags, so sorry if it's screwed up

EDIT: Wow I horrendously screwed up on those spoiler tags lol. Hopefully, they're now fixed?
EDIT^2: Fixed something because fake OCD
 
Last edited by Jediweirdo,
  • Like
  • Wow
Reactions: Magnus87 and Blauhasenpopo
Jediweirdo

Jediweirdo

Well-Known Member
OP
Newcomer
Level 4
Joined
Aug 3, 2021
Messages
90
Trophies
0
XP
476
Country
United States
Welp, it's been about a week to no response... I might try to repost this in the future coupled along with other questions
 
soratheultima

soratheultima

Well-Known Member
Member
Level 4
Joined
May 26, 2008
Messages
176
Trophies
1
XP
511
Country
Germany
mhh this is something i do for work. I'll see if I can get to it in time. I can't promise anything though, since the Browser isn't frequently updated and the TLS/SSL Methods it accepts might be outdated.
 
V10lator

V10lator

Well-Known Member
Member
Level 16
Joined
Apr 21, 2019
Messages
2,633
Trophies
1
Age
36
XP
5,488
Country
Germany
  • Like
Reactions: soratheultima
soratheultima

soratheultima

Well-Known Member
Member
Level 4
Joined
May 26, 2008
Messages
176
Trophies
1
XP
511
Country
Germany
I tried using an SSL Proxy but that just resulted in a 1036 error

Any Older Methods such as the following did not work (not recommended): https://gbatemp.net/threads/mitm-wii-u-ssl-connections.477792/ ->Using the ROOT CA of https://larsenv.github.io/NintendoCerts/index.html Resulted in a Brick (safe due to CBHC) -> Downloaded V20 of Certs from NUS CDN to fix that using an unsafe Wupinstaller.

Using Charles as an SSL Proxy -> instead of error 112-1035 you get 112-1036
If you still want to try to do that, I would suggest doing that in REDNAND or any emunand option.

Or do as V10lator says :) and simply add the data from the github link to the end of the .pem file (open it with a good text editor)
 
theaxd

theaxd

Member
Newcomer
Level 1
Joined
Apr 16, 2022
Messages
10
Trophies
0
Age
21
Location
.
XP
99
Country
United States
i managed to get some websites working again by adding new certificates to the rootca. if you want a copy of my updated rootca.pem i can link it. even when updating the certificates though most websites still give a error 112-1035 so this doesn't just automatically make the browser work on every website but a few will be working again
 
Jediweirdo

Jediweirdo

Well-Known Member
OP
Newcomer
Level 4
Joined
Aug 3, 2021
Messages
90
Trophies
0
XP
476
Country
United States
Yeah, some websites still return an error. But now with my rootca certs updated, it's still a lot better than having like 90% of websites giving the error! Thanks for replying to this old thread, but I already got it working on my Wii U thanks to the 2 people who replied to this earlier. I should have said my thanks for them helping me, but if I'm being honest I forgot about this post until now!
 
Jediweirdo

Jediweirdo

Well-Known Member
OP
Newcomer
Level 4
Joined
Aug 3, 2021
Messages
90
Trophies
0
XP
476
Country
United States
@JStar334 Yeah, sure. I had no idea that someone would reply to this, so sorry for not replying for... 3 months (yikes):

1. I followed steps 1-5 on the site that got me into the whole thing (found here)
2. Backed up the OG .pem file in case I irreversibly screwed it up (you should do the same too)
3. I took the certificates found on the link V10lator ever-so-kindly linked from their own project and copy/pasted them to the bottom of the .pem file
4. Did the same with another certificate I found here, thanks to it being linked by ShadowOne333 (probably super redundant, but whatever)
5. Scratched my head on trying to figure out how to get the fiddler's cert, contemplated if it was a good idea to transfer all the certs from my PC to my Wii U, then said "screw it, I made a backup anyways" and proceeded to do it anyways (export them via this, then just add it like normal if it's .pem like mine)
6. Completely forgot about fiddler's cert (there's a comment here that tells you how to do it)
7. Saved my changes to the file, then overwrote the Wii U's original file
8. Closed out of FTP and tried launching a myriad of sites with varying levels of success (much better than little-to-no level of success!)

In retrospect, it would be cool if more people could share any roots they've found too since the internet's gonna close soon. Let's enjoy it while it lasts!

Anyways, if you need help or need me to explain something better, just tell me, and I'll do my best to help out (hopefully it won't take me 3 months next time lol). I would just give you my Wii U's .pem, but I feel like it's a giant security liability to release my main PC's root certificates into the wild so this will do. Good luck!

Edit: Added a link I forgot and some extra text
Edit2: Realized I should probably let the person who I'm helping know that I responded to them lol
 
Last edited by Jediweirdo,

Site & Scene News

Go to forum More news

Popular threads in this forum

A really, REALLY old browser exploit (for 5.3.2)?

Gaming  Online services for the 3DS and Wii U have been shutdown. Here is how to get back online!

Hacking Hardware  Wii U No Display (Logs dumped)

Hacking Gaming  Xenoblade Chronicles X - Lifeline and Enhancement Mod

Homebrew  Huevo's Vault | Wii U Themes

Watch videos on Wii U, offline, saved on SD?

Super Mario Maker Save Collection (All Event and Staff Courses Preserved, 3DS Mario Challenge Port, and More)

Can you hack your wii u with something other than sd card

General chit-chat
Help Users
    HiradeGirl @ HiradeGirl: Wlak past the light and kill that giant mosquito.