Skip to content

Use per sensor self signed certificate for https server #238

Closed
@amandel

Description

@amandel

https://github.com/fhessel/esp32_https_server/blob/de1876cf6fe717cf236ad6603a97e88f22e38d62/examples/REST-API/REST-API.ino#L219 is exactly what we need

That seems not sufficient. The generated cert must adhere to some Apple rules also:

So we need:

  • Extend the cert creation method to add the extension attributes (seem to be well supported by mbedtls but not directly by the https server utility method). Supported via: self-signed certificates: Add CN as subjectAltName fhessel/esp32_https_server#113
  • A way to trigger generation of new cert (can not create cert for 10 years)
  • Way to download the cert for local install (application/octet-stream (?) obs.cer, base64), also via http access.
  • Increase length to 2048 which will increase key creation time, we need a progress bar or similar
  • Put some documentation on the http welcome page (specific for Mac? / Android? / Linux / iOS / Win)?

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions