Homebrew Wii U browser HTTPS key/cert update?

[N7Kopper]

A bit of an oddball question here, but I vaguely remember a thread (that I can't find for the life of me with over an hour of searching) that described a method of manually updating the Wii U web browser's HTTPS keys. With more websites enforcing HTTPS with newer keys, the poor Wii U is already starting to run into the problem of not being able to validate the keys. (to say nothing of the humble PSP, that thing's web browser is a legacy dinosaur by now - it used to be able to run YouTube!)

Does anyone have any idea if this is actually a thing you can do, or just someone theorycrafting? (I mean, it's obviously possible, but if it bricks the system it might as well not be.)

 

[Random__Dude]

oof

 

[Ryccardo]

New certificates (probably just a romfs edit if lucky), or a new TLS version (actual machine code work)?


The ghetto workaround is, of course, a SSL stripping proxy running on your PC/router/raspberry/whatever and connecting the console (or just the browser if it has a dedicated setting) to it

 

[Brawl345]

To add new root certificates, you just need to edit the rootca.pem via ftpiiu everywhere: https://gbatemp.net/threads/tutorial-add-custom-root-certs-to-the-wii-us-browser.468201/
To add the Let's Encrypt Root Certificate, you need to use the cross-signed certificate by IdenTrust: https://letsencrypt.org/certs/trustid-x3-root.pem.txt
Don't know how to add the "real" LE Root Certificate because it doesn't work if I add the certificates from here: https://letsencrypt.org/certificates/ AFAIK LE won't renew their cross-signed stuff after 2021 anymore. Need to experiment with this... EDIT: just export the ISRG root cert from Firefox
Anyways, just append the cert including the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" stuff. You don't need "# Issuer:" comments