How to replace .obk for STM32H523

hakeila · ‎2025-03-04

Hi,

I have locked out my MCU. I generated a Debug Authentication file with certificate (DA_Config.obk) and provisioned that into the MCU. However, I think I have regenerated a private key without regenerating a certificate.

I am no longer able to do a regression on the MCU for DA authentication. I have tried multiple of certificates and regenerated certificates based on the root private key I used for generating the .obk file but nothing works.

Also I don't quite understand the difference between the root, intermediate and leaf keys/certificates pairs. Which ones is used in regression?

Any help would be appreciated.

Thanks in advance :)

Jocelyn RICARD · ‎2025-03-05

Hello @hakeila,

First, if you have lost the private key associated to public key provisioned in your device (in obk), you will not be able to use DA anymore.

Now, if you have some firmware in the device that can be update, you may be able to launch a regression from firmware. But this can only be done of the code executing the regression is in HDP Level1.

If you lost the private key of your leaf certificate, that is not an issue, you can either regress the device with the root private key and root certificate.

The leaf certificate is useful when you want to keep your root private key safe and avoid any leak.

Best regards

Jocelyn