SSL Handling in esp8266HTTPClient is awful

[AHaymond]

When will this library be improved so that the SSL Fingerprint is not required to connect to an https address?

It is maddening that this is a requirement for something that is hard coded into an arduino only to inevitably fail when the cert is updated or changed!

[igrr]

Please refer to https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/examples/HTTPSRequestCACert/HTTPSRequestCACert.ino as an example of verification using root certificate. This is available in 2.4.0-rc2. There is also a work-in-progress option to verify certificate's subjectPublicKeyInfo, which usually doesn't change when the certificate is reissued: #3700

…

On Thu, Nov 2, 2017, 06:20 Adam Haymond ***@***.***> wrote: When will this library be improved so that the SSL Fingerprint is not required to connect to an https address? It is maddening that this is a requirement for something that is hard coded into an arduino only to inevitably fail when the cert is updated or changed! — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#3784>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AEJcenOL3GZKlSsjPzysfIRkga-nm9E6ks5syO6YgaJpZM4QO5-N> .