I obviously won't link to anything here, but I wanted to know:rui_saraiva wrote: 05 Jun 2025, 13:32 The "SWL/00*/Certificates/PSA-OVIP-CS-G1.crt" file is the public key certificate that is used to verify the identity and the authenticity of the software. To digitally sign the software, PSA/Stellantis used the other half of the equation - its PRIVATE key. You can download the latest public key from http://pki.p3cs.com/PSA-OVIP-CS-G1.crt but that's not the problem.
The software MUST be digitally signed with the private key that pairs with that certificate, and only PSA/Stellantis has access to that private key.
The private keys have been published by a someone on GitHub for a few years now, corresponding to each version that was available.
Is there any chance that someone signs a firmware file using that private key - or are we missing something to get that final step done?
We have examples of license files, the .tar firmware files, and private keys available online.
I'm asking since it's unclear to me how how PSA does this on their end.