Hi,
My Polestar 4 runs Android Automotive;
the Home Assistant app is available from the Playstore.
However when i try to login to my HA server i receive the error message: ‘certificate authority not trusted’.
I have remote access enabled by having NGINX Home Assistant SSL proxy with a duckDNS domain configured.
Remote access via my android smartphone’s companion app works flawlessly.
Why do I see this error and how can i get the certificate authority to be trusted?
Either your ceetufucate has a problem or your Android automotive has a problem.
If your ubuse Let’s encrypt certificates, then my guess is that ur Android Automotive is the issue .have you made sure it is updated?
Hello WallyR,
thanks for the prompt reply.
Yes i believe that I am using a let’s encrypt generated certificate as i followed a guide like this one to setup remote access: Home Assistant Remote Access using NGINX Reverse Proxy & DuckDNS.
I’m not sure which android automotive version my Polestar exactly has, as Polestar doesn’t use pure Android Automotive but puts its own flavour over it: they describe the infotainment system as ‘Powered by Android Automotive OS and presented with a Polestar-developed interface’; i guess this is analogous to e.g. what Samsung does for Android on smartphones.
What would be the problem on android automotive’s side and is there a way i could solve it?
I can transfer files to the car via my phone when connected over USB, so if i need to modify a certain file i might be able to do this this way.
You need to update your certificate store with the newest root certificates.
Let’s encrypt changed their root certificate a bit back and that means devices needs to update to include that new root certificate.
How it is done in Android Automotive I do not know.
My Android device mainly handles it through its normal updates, but it can be done manually too.
The issue with your device is that it is an Android Automotive and on top of that with a polestar overlay, so much might be different in the interface.
Thank you for your support, i’ll check on the Polestar community forum if anyone can help me there to have this sorted out on the car’s side. Can you maybe just explain to me please, or point me to an easy to follow explanation, on how on android the manual update of a root certificate is done? I figure that on android automotive the steps should be very similar.
sadly I believe this will become a bigger issue over the next 20+ years, vehicles with certificates will sooner or later expire with no way to update them.
this will make it difficult to impossible to fix various things, software or hardware.
They will for sure be upgradable, but it might not be possible for the average user. It will require a technician certified for that special brand.
The car manufacturer earn money on the technician needing certification and the technician earn money on the consumer that are artificial prohibited from upgrading their cars software.
that assumes;
a) there is a certified technician
b) that the manufacturer is even still around (to provide ‘certification’ and/or authentication)
c) that if the manufacturer is still around, they can/will support the systems necessary for non-current hardware
This all circles around right to repair, and that manufacturers are constantly lobbying to enforce certification and preventing consumers from repairing their purchased hardware (be it consumer electronics/appliances, vehicles, and any other thing they want to lock down).