Load root CA

python_device/src/api.py

@@ -5,4 +5,10 @@ def get_secure_origin() -> str:
     res = requests.get(f"{args.unsecure_origin}/secure_origin")
     if res.status_code < 200 or res.status_code > 299:
         raise Exception(f"Get secure origin failed with status {res.status_code}")
+    return res.text
+
+def get_root_ca() -> str:
+    res = requests.get(f"{args.unsecure_origin}/pki/root_ca.pem")
+    if res.status_code < 200 or res.status_code > 299:
+        raise Exception(f"Get root CA failed with status {res.status_code}")
     return res.text

python_device/src/args.py

@@ -9,4 +9,5 @@ parser.add_argument("--storage", help="Change storage location", default="storag
 
 args = parser.parse_args()
 
-args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
+args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
+args.root_ca_path = os.path.join(args.storage, "root_ca.pem")

python_device/src/main.py

@@ -16,4 +16,16 @@ if not os.path.isfile(args.secure_origin_path):
 
 with open(args.secure_origin_path, "r") as f:
     args.secure_origin = f.read()
-print(f"Secure origin = {args.secure_origin}")
+print(f"Secure origin = {args.secure_origin}")
+
+
+
+print("Check system root CA")
+if not os.path.isfile(args.root_ca_path):
+    origin = api.get_root_ca()
+    with open(args.root_ca_path, "w") as f:
+        f.write(origin)
+
+with open(args.root_ca_path, "r") as f:
+    args.root_ca = f.read()
+print(f"Root CA = {args.root_ca}")