Matter Generating Unique Factory Data and Certificates on Windows

I'm working with the Matter Template example and creating a sensor monitoring device on the nRF52840 platform, and I'm developing on a Windows environment with SDK 2.9.0. I'd like to create custom factory data and generate a unique CHIP certificate automatically during the build process. It looks as though this requires the CHIP Certificate Tool, but this doesn't seem to have a compatible configuration for usage on Windows. How could I continue developing on Windows and utilize custom custom factory data and a unique CHIP certificate?

  • Hello rkap,

    There is a guide for generating factory data here: https://docs.nordicsemi.com/bundle/ncs-2.9.1/page/matter/nrfconnect_factory_data_configuration.html

    It seems the process is done with Python, so it should be possible on Windows too.

    Could you please give it a try?

    Hieu

  • I followed the guideline here: https://docs.nordicsemi.com/bundle/ncs-latest/page/nrf/protocols/matter/getting_started/tools.html#ug-matter-gs-tools-cert-installation

    There are python calls, but it seems to be building the toolset for a target operating system. Specifically, during the last step, (ninja -C out chip-cert), I get errors relating to the operating system such as:

    CHIP_DEVICE_LAYER_TARGET_DARWIN and CHIP_DEVICE_LAYER_TARGET_LINUX being undefined.

    I then started digging through the build tools to determine target options, and Windows wasn't an option.

  • My apology. I was only considering the factory data tool and not the CHIP certificate tool.
    You might need to use a Linux environment for the CHIP certificate tool. On Windows, you can do so with WSL.

  • That's alright. So I'm currently using VS Code with the nRF Connect SDK extension on Windows, and I'm trying to generate the factory data and certificates during compilation (SB_CONFIG_MATTER_FACTORY_DATA_GENERATE=y, CONFIG_CHIP_ROTATING_DEVICE_ID=y , CONFIG_CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID=y). Will WSL allow it to work with the CHIP certificate tool during compilation? I'm open to pre-generating the certificates and bringing them into the project if I could have guidance for doing that (or how to best handle this in windows) instead. 

    Edit:
    I managed to build the chip-cert tool for WSL and made sure it's added to the system path so it's command line executable in Windows via the command chip-cert (as if it were native). I then modified the script generate_nrfconnect_chip_factory_data.py to allow WSL script execution subprocess.run(cmd) -> subprocess.run(cmd, shell=True, check=True), and finally I modified the script to adjust the file locations to valid linux formats for WSL. Looks like it's working now.

    I should also add that Nordic's AI assistant repeatedly gave misleading information about config variable settings for SDK 2.9.0. It claimed the following were needed:

    SB_CONFIG_MATTER_FACTORY_DATA_MERGE_WITH_FIRMWARE=y
    CONFIG_CHIP_FACTORY_DATA_USE_DEFAULT_CERTS=n
    CONFIG_CHIP_FACTORY_DATA=y
     
    However to generate certificates, the following was additionally required:
    CONFIG_CHIP_FACTORY_DATA_CERT_SOURCE_GENERATED=y

    And I'd recommend others include:
    CONFIG_CHIP_FACTORY_DATA_GENERATE_ONBOARDING_CODES=y
    CONFIG_CHIP_FACTORY_DATA_GENERATE_CD=y

    Hopefully this helps others generating certificates in general and on Windows. 

Related