openevse_esp32_firmware icon indicating copy to clipboard operation
openevse_esp32_firmware copied to clipboard

Published 20 hours ago verified publisher icon OpenEVSE

Add Certificate Management

Open jeremypoulter opened this issue 5 years ago • 3 comments

  • [ ] Disable root certificate validation per client
  • [x] Update root certificates
  • [ ] HTTPS server certificate/private key (GUI)
  • [ ] MQTT client certificate/private key

jeremypoulter avatar Oct 01 '19 11:10 jeremypoulter

Does this issue include client certificates?

Client certificates are required for MQTT for use on Amazon AWS, Google Cloud, Microsoft Azure, etc.

Client Certificates are also required for OCPP 1.6J an 2.0 Security Profile 3 TLS with Client side certificate. https://www.openchargealliance.org/uploads/files/OCPP_1.6_Security_Whitepaper_-_2018.zip

chris1howell avatar Oct 27 '20 12:10 chris1howell

Does this also include managing/replacing the root CA bundle? I'm currently using a patcheset to add in my private CA:

https://github.com/ArchLayperson/ESP32_WiFi_V3.x/tree/haunhaus-patches

https://github.com/ArchLayperson/ESP32_WiFi_V3.x/tree/haunhaus-ca

Laikulo avatar Oct 24 '21 19:10 Laikulo

Yes, the intention is to allow the root CAs to be updated via the API/GUI

jeremypoulter avatar Oct 24 '21 19:10 jeremypoulter