These are chat archives for esp8266/Arduino

23rd
Aug 2017
Thomas Cooper
@thomascoope
Aug 23 2017 00:21
@cristovao-trevisan just about to flip my http code into HTTPS. Is it a lot different?
Thomas Cooper
@thomascoope
Aug 23 2017 00:31
@Sleepy105 I'm not sure on GPIO without looking. My experience with the Adafruit feather has been pretty straightforward & seemless. It's perhaps worth getting another board as they cost nothing. Have you tried another pc too? Not sure stable the Linux environment is & whether there are any complications there ?
Rinaldi Segecin
@rsegecin
Aug 23 2017 00:36
@thomascoope It might not sound related but I'm trying to do the same thing on a .net API and I found out that instead implementing https directly on my service I should use a reverse proxy or a tls gateway so I can have multiple services talking over https. Depending on the setup that you've got if you have to use a self signed CA I don't see much point on implementing https.
Cristóvão Trevisan
@cristovao-trevisan
Aug 23 2017 01:17
@thomascoope It's pretty easy, just give the SHA1 fingerprint to the begin function (ESP8266HTTPClient). Look at ESP8266HTTPClient.h for more details. If you're using a raw tcp conn (like I am) use the WiFiClientSecure class instead of WiFiClient (and the verify function to check the SHA1 fingerprint)
Cristóvão Trevisan
@cristovao-trevisan
Aug 23 2017 01:24
@rsegecin There is no difference of using a self signed certificate or a CA signed one for the ESP8266. You'll give the fingerprint as a hardcoded string anyway. The point is that the connection will be encrypted.
Rinaldi Segecin
@rsegecin
Aug 23 2017 01:29
@cristovao-trevisan you're right
Rinaldi Segecin
@rsegecin
Aug 23 2017 01:37
@cristovao-trevisan I don't know why I said "I didn't see much point ..." sorry
Thomas Cooper
@thomascoope
Aug 23 2017 08:29
@rsegecin sounds a bit complicated! Our product is entering commercial use & so needs to be https. Presumably the data is still readable in transit with a reverse proxy