I am using ESP8266 via AT Commands connecting it to a host controller. I am able to open a TCP connection and send my data to a MQTT broker, it is working fine.
I would like to change it to a secure TCP connection with TLS encryption. The same MQTT broker offers both secure and insecure connection, I just need to change the port.

But, I do not know how to start it!
How to get the certificate, where to flash it in the ESP8266, and so on… ?

Please, any idea or material to recommend me?

Muito obrigado,
Iaran

Hi.. First, thank you very much because your website helps a lot.

I built a captive port project, My project requires users to read the terms and conditions before continuing. I have managed to make anyone connected to my esp wifi be redirected or display a captive portal Even when he starts opening an HTTP website, the problem is that if someone opens an HTTPS website then their browser shows an error because there is no connection or something.

Is there a way when they open https will be redirected to the captive portal page? In other program languages I can create “if https is requested by the client, then ignore it, after sending captive portal” or if https request is requested then remove the “S” on “https”.

I’m just beginning to understand Arduino’s language or its commands, and is that possible?

Both incarnations of ESP_HTTPS_SERVER (and ESPWebServerSecure), originally by Frank Hessel. They basically fail at the initial connect then retry until success, it takes 3 – 5 seconds. You can see a discussion of this on GitHub. If you need a secure webserver, with responses times in the under one second range (like you can easily get with the non secure ones), this just doesn’t work. I did some time checks and it’s the SSL handshake that takes all the time. The page writes, after the TLS tunnel is established take 1 – 3 milliseconds on a local network.

To explain my purpose, I have a device that I want to be controlled in relatively real time from anything, Andriod phone or tablet, iPhone or tablet, or any computer with a web-browser. If I put the server on the ESP32 everything can access it (which going back to the birth of the internet, how Tim Berners-Lee envisioned it, not with an app for every function on every platform as we have now).

But so far, I have not been able to get a reasonable HTTPS server running on an ESP32. Mostly is seem to be a problem with the TLS libraries.

If there is a better, faster library, I’d love to know about it!

Thanks!

Steve

Hi.
What library in particular are you referring to?
Regards,
Sara

It semi-sorta works, but the SSl library is depricated and requires a manual edit to point at a different hash library.

Not your fault at all, but we need a better solution that really works!

In the code I copied, the header esp_https_server.h is included, but at compilation it seems to look at non secure implementation as it complains about missing declaration.
I wonder if there any compile flags required to build that esp-idf sample and how it could be done from an arduino-esp32 project

Do you have any experience in compiling code from esp-idf from arduino-esp32 project and maybe provide some advice?
Thanks,

Hi.
We have this example: https://randomnerdtutorials.com/esp32-https-requests/

The other website you mentioned, copies all our content and changes only some words to make it seem that they have original content. almost all their tutorials are a copy of ours. Even the theme and structure of their website is copied from ours. So, it would be nice if you check our website first, before checking theirs.

Regards,
Sara

Thank you.
Have a great holiday season.
Regards,
Sara