You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Instead of hardcoding the TLS fingerprint for the conduit certificate (that may change), the firmware should verify the certificate chain from a root CA certificate using verifyCertChain as discussed here and here
I will likely proceed with implementing necessary changes in those two libraries over the next couple weeks as discussed on Links2004/arduinoWebSockets#352.
Update to new default SSL fingerprint for api.conduit.suyash.io (closes#6) and allows for the user of this library to specify a fingerprint of their own if they choose.
Of course, ideally no fingerprint would be needed for verification (and we could just verify by checking the certificate chain against a known root certificate). This change requires downstream changes in other libraries, however, and is being tracked by #5.
Instead of hardcoding the TLS fingerprint for the conduit certificate (that may change), the firmware should verify the certificate chain from a root CA certificate using
verifyCertChain
as discussed here and heremoved here from suyashkumar/conduit#73
The text was updated successfully, but these errors were encountered: