TLS for web server

[LaudixGit]

Is your feature request related to a problem? No

A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Traffic between the browser and the server should be encrypted. This makes users more confident in the site content. (that confidence may not be justified, but that is not the point)

Describe the solution you'd like

Can this library include new HTTPSServer(cert) like the ESP32_HTTPS_Server library.

Describe alternatives you've considered

I attempted to use ESP32_HTTPS_Server but I get kernel panic errors when using ESP32_HTTPS_Server with AsyncMqtt_Generic and websockets.

Additional context

Other than encryption I have a useful template INO, based on this library, I use as the foundation for many projects.

[LaudixGit]

@khoih-prog I notice, line 169 of WebServer.cpp AsyncWebServer::beginSecure that encryption was considered for this library, but there are no examples, and I need encrypted websocket (wss) as well.

I made a lazy attempt at using beginSecure but got compile errors. So I thought it best to ask about your expectations before attempting to push the limits of the library.

You are achieving so much, so I am embarrassed to ask: will this library include TLS someday?

[khoih-prog]

Hi @LaudixGit

Thanks for your encouraging words, which will flatter many authors/people contributed to these libraries.

I made a lazy attempt at using beginSecure but got compile errors.

Did you turn on the SSL feature by using in your sketch ?

#define ASYNC_TCP_SSL_ENABLED    true

Added: You also have to use my [AsyncTCP_SSL](https://github.com/khoih-prog/AsyncTCP_SSL) library

It's also beneficial by including your not-working SSL-related code, so that anybody can duplicate.

I've been so busy and certainly need many helping brains to create / test new examples, such as TLS/SSL, which I'm sure working with ESP32

Did you also try my brand-new and related libraries for ESP32+ENC28J60 or W5500

1. AsyncWebServer_ESP32_ENC => 10Mb/s
2. AsyncWebServer_ESP32_W5500 =>100Mb/s

You can have many more pins to use than WT32_ETH01 as well as using with any ESP32 (S2, S3, C3)

[khoih-prog]

Did you try these SSL examples for WT32_ETH01 in WT32_ETH01

[khoih-prog]

Hi @LaudixGit

Just have a quick look @ your very good code ESP32ETH01-Server_Base.ino.

I think I have to ask for your permission to use that in some libraries, such as this, AsyncMQTT_Generic and many more as above.

It's even better if you can make the PRs to contribute to those libraries.

BR,

[LaudixGit]

Absolutely, you can use this as needed. It was only possible because of your libraries.

I do hope to have a cleaner, succinct, version in a few weeks. Maybe even with self-signed encryption (following your suggestion above)

[LaudixGit]

I'll plan on submitting a PR after my next version.

[LaudixGit]

With a new USB drive imaged with the most recent (Sep 2022) version of RaspiOS I installed Arduino IDE 1.8.19 added the board links in Preferences and set the board to WT-ETH01. I installed the AsyncTCP_SSL library, and this library. Using the example sketch Async_AdvancedWebServer I made the two suggested modifications, but there is a compile error

I will now attempt to also install the original library but thought you like to know.

[LaudixGit]

It's also beneficial by including your not-working SSL-related code,

With the addition of the original library there is a different compile error

In file included from /tmp/arduino_modified_sketch_534248/Async_AdvancedWebServer.ino:62: /home/laudix/code/libraries/AsyncWebServer_WT32_ETH01/src/AsyncWebServer_WT32_ETH01.h:848:27: error: 'AcSSlFileHandler' has not been declared void onSslFileRequest(AcSSlFileHandler cb, void* arg); ^~~~ Multiple libraries were found for "WiFi.h" Used: /home/laudix/.arduino15/packages/esp32/hardware/esp32/2.0.5/libraries/WiFi Not used: /opt/arduino-1.8.19/libraries/WiFi exit status 1 Error compiling for board WT32-ETH01 Ethernet Module.

[LaudixGit]

Did you try these SSL examples for WT32_ETH01

I originally disregarded the WT32_ETH01 library because it doesn't have any websocket capabilities.

Looking closer, today, I notice there are no websocket examples, but there enticing files in the src folder.

I'll see if I can get websockets to work without an example. (I am assuming I can use my functional code from this library)

[khoih-prog]

HI @LaudixGit

I've just rechecked and the SSL is not ready for Async yet. It'll take a lots of work before making it working.

I suggest you don't waste your time there yet.

Currently use the forked sync ESP32_HTTPS_Server

I'll try to make the new HTTPS_Server_Generic library to support many more powerful-enough boards, such as ESP32, ESP8266, Teensy, RP2040, etc.

For WebSockets, hae a look at Async_WebSocketsServer from a twin library. I haven;t got time to convert it (even easily) to many other AsyncWebServer libraries.

[LaudixGit]

Yes, thanks. I was wondering which is the recommended library to focus on. I'll forego TLS encryption for now.

[khoih-prog]

Hi @LaudixGit

I'll try to make the new HTTPS_Server_Generic library to support many more powerful-enough boards, such as ESP32, ESP8266, Teensy, RP2040, etc.

Try the newly-published HTTPS_Server_Generic library, especially the Async-Server example

---

Releases v1.2.0

1. Initial coding to port esp32_https_server and ESP32_HTTPS_Server to ESP32 boards, WT32_ETH01, (ESP32 + LwIP W5500) and (ESP32 + LwIP ENC28J60) Ethernet
2. Use allman astyle and restyle library.

---

TO DO

1. Fix bug. Add enhancement
2. For ESP32, using ESP_TLS for future ESP-IDF v5.0 instead of to-be-deprecated OpenSSL
3. Using ArduinoJson v6 instead of v5.13.5-
4. Add support to more powerful-enough boards using LwIP WiFi/Ethernet, such as :
   • ESP8266
   • Portenta_H7 WiFi / Ethernet
   • RP2040W WiFi
   • Teensy 4.1 QNEthernet
   • etc.