Siging image for OTA DFU

Hi all,

Inherited a nRF Connect 1.5 project developed under Linux and I'm trying to get everything set up for continued development under Windows.

I can build the code using the default signing key and OTA DFU works as i should.  Now I would like to sign with my own key instead. I have read numrous posts on this forum and even though the answer is probably in there I cannot single it out. In any case; from the following post...

 RE: Problem with signing images for OTA DFU . 

... I pull the following reply:

"You do not need to sign the binaries "manually", as this is handled automatically for you by the partition manager when building with CONFIG_BOOTLOADER_MCUBOOT. The only thing you need to do is to set CONFIG_BOOT_SIGNATURE_KEY_FILE in the configuration for mcuboot as explained here, or by adding a separate config file as explained here."

So I add CONFIG_BOOT_SIGNATURE_KEY_FILE="d:/mykey.pem" and do a "clean build".  Problem is that the build succeeds regardless if mykey.pem is present or not, i.e. if the USB stick is inserted or not. 

So, a couple of "debug" questions...

- Why doesn't the build system report an error if I refer to a key file which is not there ?

- Which is the default key file and where is it stored ? (I.e. if I delete it will the build system protest then ?)

- Is there a way to determine which key file was used to sign a particular app binary ? (Since the signed binary, i.e. app_update.bin, seems to change for every build I cannot determine if "my key" or the "default key" was used to sign it.)

...leding to the final question:

- What am I missing her ?

Cheers

Eric

Related