Open mattbnz opened 2 years ago
Can you give this branch a try please? https://github.com/oseiler2/CO2Monitor/tree/feature/csr
What are the changes? It's a bit tedious to get a diff between what's in this pull request and what's in the branch because of the changed filenames, etc.
I'd like to be able to have new devices self-register for secure MQTT without having to generate and transfer keys/certs off the device and then flash them on via a full filesytem update.
This adds the necessary logic to have the device itself generate a new key and associated CSR which it will submit via MQTT, and then await receipt of a signed certificate via a return MQTT message. How and if the server actually signs/generates the certs and sends it back is left up to the user, as its likely to be highly context specific.