Error about MCUBOOT_BUILD_STRATEGY_FROM_SOURCE when trying to provide a signing key

Hi,

If I follow that advice and set CONFIG_BOOT_SIGNATURE_KEY_FILE

The message instructed you to consider setting CONFIG_MCUBOOT_SIGNATURE_KEY_FILE. Did you set CONFIG_BOOT_SIGNATURE_KEY_FILE instead? If so, to which value?

Best regards,
Dejan

Are you referring to the last sentence of the message? If I understand the message correctly, it encourages me to remove (= set to the default, an empty string) CONFIG_MCUBOOT_SIGNATURE_KEY_FILE again just to get rid of the message. But then I would still not have a custom signing key.

Hi,

Could you specify the way how you built your project?

Best regards,
Dejan

Here's my complete prj.conf:

CONFIG_CONSOLE=y
CONFIG_RTT_CONSOLE=y
CONFIG_USE_SEGGER_RTT=y
CONFIG_DEBUG_THREAD_INFO=y
CONFIG_DEBUG_OPTIMIZATIONS=y
CONFIG_SPI=y
CONFIG_I2C=y
CONFIG_SERIAL=y
CONFIG_UART_INTERRUPT_DRIVEN=y
CONFIG_ADC=y
CONFIG_BT=y
CONFIG_WATCHDOG=y

# For BLE firmware updates
CONFIG_BOOTLOADER_MCUBOOT=y
CONFIG_MCUMGR=y
CONFIG_MCUMGR_CMD_IMG_MGMT=y # for writing new firmware
CONFIG_MCUMGR_CMD_OS_MGMT=y # for resetting the device
CONFIG_BT_L2CAP_TX_MTU=252
CONFIG_BT_BUF_ACL_RX_SIZE=256
CONFIG_MCUMGR_SMP_BT=y
CONFIG_MCUMGR_SMP_BT_AUTHEN=n # security is handled by signed firmware images
CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=4096

If you just create a new project in VSCode and hit Build, you should get a message about the default key being used.

If you then add CONFIG_MCUBOOT_SIGNATURE_KEY_FILE you should see the message about it being ignored.

Hi,

Similar to what is shown in the configuration file for nrf_desktop sample, you should put CONFIG_BOOT_SIGNATURE_KEY_FILE in the configuration file for the child image. Inside your project directory, create child_image directory with mcuboot.conf file where you put your mcuboot configuration. If you still have an issue, try adding CONFIG_BOOT_SIGNATURE_KEY_FILE in both prj.conf and in child_image/mcuboot.conf

You can read more about default configuration for multi-image build, signing binaries and adding custom signature key file.

Best regards,
Dejan

Hi,

Similar to what is shown in the configuration file for nrf_desktop sample, you should put CONFIG_BOOT_SIGNATURE_KEY_FILE in the configuration file for the child image. Inside your project directory, create child_image directory with mcuboot.conf file where you put your mcuboot configuration. If you still have an issue, try adding CONFIG_BOOT_SIGNATURE_KEY_FILE in both prj.conf and in child_image/mcuboot.conf

You can read more about default configuration for multi-image build, signing binaries and adding custom signature key file.

Best regards,
Dejan

Ok, I tried that but I'm still getting the "WARNING: Using default MCUBoot key" message.

Is this the correct directory structure?

myapplication
- src
  - main.c
- child_image
  - mcuboot.conf

Hi,

Could you provide more information on what you tried?

Best regards,
Dejan

I created the directory/file structure and put CONFIG_BOOT_SIGNATURE_KEY_FILE="image_sign.pem" into it. Then I hit "Build" again. It said "ninja: no work to do." I hit the "Pristine Build" button (the circular arrow). The "WARNING: Using default MCUBoot key" message appeared in the terminal again.

But I just noticed something... it seems it is looking for the key in the SDK directory instead of the project! And only because it didn't find the file there, it used the default key.

I put an absolute path there now and it seems to be using the file now. So with an absolute path to the key file it seems to work.

I wrote too early. While the build now works, it seems I am no longer able to do OTA updates. I flashed it via SWD the first time and now when I try to do an OTA update in Device Manager I always get "Invalid value (3)". I will try putting the setting in both config files...

No success, still "Invalid value (3)".