Secure Elements certificates issue with ESP32 + ATECC608A


I was wondering if a change could be implemented to accommodate Trust&Go ATECC608A_TNGTLS secure element certificates in FreeRTOS. I am using an ESP32-WROVER devkit connected to an ATECC608A_TNGTLS secure element from Microchip.

The FreeRTOS version is 202007.00 and my host machine is a Windows 10 PC. My problem is that after building with the command cmake -DVENDOR=espressif -DBOARD=esp32_plus_ecc608a_devkitc -DCOMPILER=xtensa-esp32 -DCMAKE_BUILD_TYPE=Debug -GNinja -S . -B build
to specify that I am using the ATECC608A_TNGTLS for the TLS connection, the default device and signer certificates definitions being used cause an ATCACERT_E_WRONG_CERT_DEF error when reading the certificates from the ATECC608A_TNGTLS .

I changed the default device certificates being assigned here and here to tng22_cert_def_2_device and tng22_cert_def_1_signer respectively which are defined in \vendors\microchip\secure_elements\app\tng\ directory. That fixed the error and I was able to properly read off the certificates from the ATECC608A_TNGTLS. Can a switch or build option be built into freertos to accommodate the different ATECC608A types (Trust&Go, TrustFlex, Trust Custom)? I assume that is the discrepancy between the default certificate not working and the tng22 types working for my ATECC608A_TNGTLS.

I am looking into this and will get back.


Hello @salkaleidoscope,

There is currently work in progress to support the various ATECC608A variants. Are you currently in need of assistance in implementing this in your project? It seems that you were successful in porting the code to the T&G variant. Please let me know if I can help.



Thank you Carl. I think at the moment we have the secure element code where we want it to be for our project. I just wanted to know if there would be an update to freertos soon to accommodate building applications with different types of ATECC608As and it sounds like that is in the works. Thank you!