Implement verifyCertChain to have the firmware verify the conduit certificate #5
Comments
|
Implementing this requires changes in two other dependency repositories. Corresponding issues have been opened: I will likely proceed with implementing necessary changes in those two libraries over the next couple weeks as discussed on Links2004/arduinoWebSockets#352. |
This was referenced Sep 8, 2018
suyashkumar
added a commit
that referenced
this issue
Sep 8, 2018
Update to new default SSL fingerprint for api.conduit.suyash.io (closes #6) and allows for the user of this library to specify a fingerprint of their own if they choose. Of course, ideally no fingerprint would be needed for verification (and we could just verify by checking the certificate chain against a known root certificate). This change requires downstream changes in other libraries, however, and is being tracked by #5.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Instead of hardcoding the TLS fingerprint for the conduit certificate (that may change), the firmware should verify the certificate chain from a root CA certificate using
verifyCertChainas discussed here and heremoved here from suyashkumar/conduit#73
The text was updated successfully, but these errors were encountered: