Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification #180

Merged
merged 4 commits into from
Oct 20, 2024
Merged

chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification #180

merged 4 commits into from
Oct 20, 2024

Conversation

Slider0007
Copy link
Owner

@Slider0007 Slider0007 commented Oct 20, 2024
edited
Loading

If TLS is enabled, but no user-provided CA certificate is selected, use built-in certification bundle for server verification (default) for the following services:

  • MQTT
  • InfluxDBv1
  • InfluxDBv2

Benefits:

Drawback:

  • Increased flash size (ca. 66kB)
    • If needed, could be reduced by using only common certificates (to be modified in sdkconfig.defaults)
    • A creation time of this PR, flash memory is still suffcient

Usage before based on ESP32:
RAM: [= ] 13.8% (used 45096 bytes from 327680 bytes)
Flash: [======== ] 82.2% (used 1599697 bytes from 1945600 bytes)

Usage after:
RAM: [= ] 13.9% (used 45520 bytes from 327680 bytes)
Flash: [========= ] 85.6% (used 1665457 bytes from 1945600 bytes)

@Slider0007 Slider0007 changed the title chore(influxdb tls + mqtt tls): Use built-in certification bundle for server veification (default) chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification (default) Oct 20, 2024
@Slider0007 Slider0007 changed the title chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification (default) chore(influxdb tls + mqtt tls): Activate option to use built-in certification bundle for server verification Oct 20, 2024
@Slider0007 Slider0007 changed the title chore(influxdb tls + mqtt tls): Activate option to use built-in certification bundle for server verification chore(influxdb tls + mqtt tls): Activate option using built-in certification bundle for server verification Oct 20, 2024
@Slider0007 Slider0007 changed the title chore(influxdb tls + mqtt tls): Activate option using built-in certification bundle for server verification chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification Oct 20, 2024
@Slider0007 Slider0007 merged commit cdf84c1 into develop Oct 20, 2024
10 checks passed
@Slider0007 Slider0007 deleted the influx-mqtt-crt-bundles branch October 20, 2024 11:51
@github-actions github-actions bot mentioned this pull request Oct 20, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Slider0007