Wii U browser HTTPS key/cert update?

Discussion in 'Wii U - Homebrew' started by N7Kopper, Jun 15, 2019.

  1. N7Kopper
    OP

    N7Kopper Proud lover of a three-inch girlfriend

    Member
    4
    Aug 24, 2014
    United Kingdom
    A bit of an oddball question here, but I vaguely remember a thread (that I can't find for the life of me with over an hour of searching) that described a method of manually updating the Wii U web browser's HTTPS keys. With more websites enforcing HTTPS with newer keys, the poor Wii U is already starting to run into the problem of not being able to validate the keys. (to say nothing of the humble PSP, that thing's web browser is a legacy dinosaur by now - it used to be able to run YouTube!)

    Does anyone have any idea if this is actually a thing you can do, or just someone theorycrafting? (I mean, it's obviously possible, but if it bricks the system it might as well not be.)
     
  2. Random__Dude

    Random__Dude Member

    Newcomer
    2
    Feb 2, 2019
    United States
    oof
     
  3. Ryccardo

    Ryccardo and his tropane alkaloids

    Member
    14
    Feb 13, 2015
    Italy
    Imola
    New certificates (probably just a romfs edit if lucky), or a new TLS version (actual machine code work)?


    The ghetto workaround is, of course, a SSL stripping proxy running on your PC/router/raspberry/whatever and connecting the console (or just the browser if it has a dedicated setting) to it
     
    Last edited by Ryccardo, Jun 15, 2019
  4. Brawl345

    Brawl345 GBAtemp Advanced Fan

    Member
    8
    Jan 14, 2012
    Germany
    To add new root certificates, you just need to edit the rootca.pem via ftpiiu everywhere: https://gbatemp.net/threads/tutorial-add-custom-root-certs-to-the-wii-us-browser.468201/
    To add the Let's Encrypt Root Certificate, you need to use the cross-signed certificate by IdenTrust: https://letsencrypt.org/certs/trustid-x3-root.pem.txt
    Don't know how to add the "real" LE Root Certificate because it doesn't work if I add the certificates from here: https://letsencrypt.org/certificates/ :unsure: AFAIK LE won't renew their cross-signed stuff after 2021 anymore. Need to experiment with this... EDIT: just export the ISRG root cert from Firefox
    Anyways, just append the cert including the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" stuff. You don't need "# Issuer:" comments
     
    Last edited by Brawl345, Jun 17, 2019
    kornychaos likes this.
Quick Reply
Draft saved Draft deleted
Loading...