search

blynkkk / blynk-library

Blynk library for IoT boards. Works with Arduino, ESP32, ESP8266, Raspberry Pi, Particle, ARM Mbed, etc.
https://blynk.io
MIT License
3.84k stars 1.39k forks source link

Set fingerprint also in the client #475

Closed dforsi closed 3 years ago

dforsi commented 4 years ago

Description

My use case is using a self-signed certificate and its fingerprint for validation.

This PR makes the following code use the fingerprint and work as expected:

Blynk.begin(auth, ssid, pass, ip, port, fingerprint);

otherwise the WiFiClientSecure::connect() method fails to validate the SSL connection and returns the following error if debug messages are enabled or silently fails otherwise:

BSSL:Couldn't connect. Error = 'Chain could not be linked to a trust anchor.'

A workaround, without applying this PR is:

_blynkWifiClient.setFingerprint(fingerprint); Blynk.begin(auth, ssid, pass, ip, port, fingerprint);

Issues Resolved

Using the fingerprint fails to establish an SSL connection.

vshymanskyy commented 3 years ago

With the latest updates, we dropped support of axTLS in favor of BearSSL. This also should fix your issues. Please check it out and let us know. Thanks for your contribution!