CO2Monitor icon indicating copy to clipboard operation
CO2Monitor copied to clipboard

Published 20 hours ago verified publisher icon oseiler2

Generate SSL key and csr on device and support installing a certificate via MQTT

Open mattbnz opened this issue 1 year ago • 2 comments

I'd like to be able to have new devices self-register for secure MQTT without having to generate and transfer keys/certs off the device and then flash them on via a full filesytem update.

This adds the necessary logic to have the device itself generate a new key and associated CSR which it will submit via MQTT, and then await receipt of a signed certificate via a return MQTT message. How and if the server actually signs/generates the certs and sends it back is left up to the user, as its likely to be highly context specific.

mattbnz avatar Sep 07 '22 00:09 mattbnz

Can you give this branch a try please? https://github.com/oseiler2/CO2Monitor/tree/feature/csr

oseiler2 avatar Sep 16 '22 09:09 oseiler2

What are the changes? It's a bit tedious to get a diff between what's in this pull request and what's in the branch because of the changed filenames, etc.

mattbnz avatar Sep 19 '22 22:09 mattbnz