-->

ESP8266 Community Forum

Open Community Forum for ESP8266, Come share Arduino and IoT (Internet of Things)
https://www.esp8266.com/

ESP8266httpUpdate HTTPS?

https://www.esp8266.com/viewtopic.php?f=32&t=17095

Page 2 of 3

Re: ESP8266httpUpdate HTTPS?

PostPosted: Sun Feb 18, 2018 12:27 am
by tele_player
To do SSL you’ll need a fingerprint, or a certificate. Fingerprint is simpler.
Is this for a personal project, or commercial?

Re: ESP8266httpUpdate HTTPS?

PostPosted: Sun Feb 18, 2018 8:47 am
by androidfanboy
OK, that's what I thought. This is personal but same principle would apply for commercial products. Apparently you can use a certificate instead of fingerprint with the updated ESP WiFiClientSecure library. Could the certificate change?

Re: ESP8266httpUpdate HTTPS?

PostPosted: Sun Feb 18, 2018 10:09 am
by tele_player
Fingerprint is just a hashed certificate. Same likelihood of change.

Read up on encryption.

Re: ESP8266httpUpdate HTTPS?

PostPosted: Sun Feb 18, 2018 4:40 pm
by androidfanboy
So how can it be safely encrypted? For example, if the fingerprint changed every year, would I just have to re-upload new code to the device with a new fingerprint? That sounds awfully cumbersome.
All times are UTC - 5 hours
Page 2 of 3
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/