-->

ESP8266 Community Forum

Open Community Forum for ESP8266, Come share Arduino and IoT (Internet of Things)
https://www.esp8266.com/

ESP8266WiFi HTTPs fingerprint verify question

https://www.esp8266.com/viewtopic.php?f=6&t=17858

Page 1 of 1

ESP8266WiFi HTTPs fingerprint verify question

PostPosted: Sun Jun 24, 2018 7:46 am
by oOHenry
Hello everyone,

I am trying to understand the TLS verify of the this example: https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/examples/HTTPSRequest/HTTPSRequest.ino#L30

Do I understand it right that every time the server renews his certificate, I need to find out the new fingerprint and adjust the fingerprint in the code? Or do I have to change the fingerprint only if it is a completely new cert?

Thanks in advance,
Henry

Re: ESP8266WiFi HTTPs fingerprint verify question

PostPosted: Mon Jun 25, 2018 7:29 am
by Cosmic Mac
Unfortunately, a certificate renewal means a new fingerprint.
If you don't want to update the fingerprint in your code every year (worst case), and don't care about verifying the server identity, then just omit the client.verify call.

It all depends on the service you access, and the criticality of the information you send.

Some useful information here: https://github.com/esp8266/Arduino/issues/3417
All times are UTC - 5 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/