I've been handed an ESP8266 project implementing the Non-OS SDK (not sure what version but < 3) & asked to investigate adding security to it. At the moment it communicates with a server (& only the one server) via simple GET requests. What would be the best way to making this secure?
I've read the SSL document from Espressif but also seen details of limitations with TLS memory constraints, server fingerprints, CA root certs etc.
It's hard to get an idea of how to approach this.
Any suggestions, links to working projects would be welcome.