Secure MQTT?

[Oderik]

Make server communication secure or do without sensitive data (is that possible?)

Maybe resolve #4 first.

[Oderik]

@avanc I need your mqtt server's certificate fingerprint to make the connection actually secure.

Please note this advice by the library: https://github.com/marvinroger/async-mqtt-client/blob/master/docs/4.-Limitations-and-known-issues.md#ssl-limitations

[avanc]

Hm, this would mean to change the code ever 90 days, as Let's Encrypt certificates are not valid longer and updated accordingly...

[Oderik]

Hm, can we use a static self signed certificate for the mqtt server?

[avanc]

Fingerprints: SH256: E7:94:91:72:27:B6:11:83:9A:B5:32:49:2E:F5:29:87:03:24:40:21:41:ED:AD:C2:C2:FA:B7:5C:C1:73:EE:3A SHA1: CA:EB:9E:E7:60:47:13:4C:2F:56:B9:79:70:9D:48:18:CE:07:31:A7

[avanc]

Hm, maybe the fingerprints of the Root can be used? These don't change... SHA256: 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6 SHA1: CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8

[Oderik]

Thanks for the fingerprints! The broker fingerprint works, the root fingerprint doesn't. Let's keep that in mind and try to find a solution in medium term. At least good news is a secure connection is possible apparently.

[Oderik]

From the client perspective, this is done for now.

Maybe there will be more to dos later regarding https://github.com/nerdshop/asinello/issues/15