Skip to content

TLS enabled ECDSA by default for ESP8266#24009

Merged
s-hadinger merged 1 commit into
arendst:developmentfrom
s-hadinger:tls_ecdsa_esp8266
Oct 13, 2025
Merged

TLS enabled ECDSA by default for ESP8266#24009
s-hadinger merged 1 commit into
arendst:developmentfrom
s-hadinger:tls_ecdsa_esp8266

Conversation

@s-hadinger
Copy link
Copy Markdown
Collaborator

@s-hadinger s-hadinger commented Oct 13, 2025

Description:

TLS ECDSA:

  • enable ECDSA by default on ESP8266 (+11.5k code for TLS enabled firmwares), can be disabled by removing #define USE_MQTT_TLS_ECDSA
  • added AWS IoT Amazon Root CA3 which is used to sign ECDSA certificates. As an EC CA, it is much smaller than RSA CA.

Checklist:

  • The pull request is done against the latest development branch
  • Only relevant files were touched
  • Only one feature/fix was added per PR and the code change compiles without warnings
  • The code change is tested and works with Tasmota core ESP8266 V.2.7.8
  • The code change is tested and works with Tasmota core ESP32 V.3.1.4
  • I accept the CLA.

NOTE: The code change must pass CI tests. Your PR cannot be merged unless tests pass

@s-hadinger s-hadinger merged commit b045579 into arendst:development Oct 13, 2025
64 checks passed
echo-bravo-yahoo pushed a commit to echo-bravo-yahoo/Tasmota that referenced this pull request Jan 9, 2026
@s-hadinger @echo-bravo-yahoo
TLS enabled ECDSA by default for ESP8266 (arendst#24009)
7ac49e9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@s-hadinger