Hello,
I have successfully signed the bootloader as well as the firmware on my CubeOrange using WSL1 Ubuntu-22.04. I now need help understanding the expected behaviour of the device once it is signed.
For testing, I uploaded firmware from the Mission Planner through the normal procedure. Now, as per the documentation, 3 Ardupilot Public keys are included along with the one created by you. So, when uploading through the normal process, it should upload and boot up the device, but that doesn’t happen. The Cube goes in a loop and doesn’t boot up.
Is this how it should be? I am trying to test the possibilities of what can and cannot be done once the bootloader is signed.
Thanks.
Yes, this is how it will be. In case you want the firmware to work with a secure bootloader then either the firmware should be signed by your private key or by the corresponding private key of which the Ardupilot developer has access.
Thank you for replying @amitraushan.
I have a follow-up question, does that mean that the firmware already available for download is not signed by their keys?
If that is the case, how is one supposed to boot up the device if the vendor stops the build?
@rmackay9 @xfacta @amilcarlucas @Leonardthall
Yes, the firmware already available is not signed. And if your vendor stops the build then I guess you can ask Ardupilot developers they will help you by giving a signed firmware from their keys. For this particular scenario only they have added Ardupilot keys in bootloader. Somewhere in the doc, it is mentioned as well.
Okay great, that does make sense! Thank you for answering 
1 Like