ESP8266 Secure CA Verification

Page content

While working on a secure cloud for the gang of the esp8266 based devices we are developing we need SSL – real and secure.

And this August is the month of the SSL issues , it seems , but thankful to the Espressifs’ quick support they are on the way out.

SSL Memory Leak

The latest SDK v1.3.0 introduced a bug that simply didn’t call the disconnect callback of esp connections under some circumstances and that in turn leaked memory.  It’s not clarified but the case was when you had a tcp listener and ssl connection after the ssl connection is over, your tcp listener connections did receive disconnect callbacks anymore.  You can get the fix from

Server Certificate Verification

Recent memory optimizations gave enough memory to turn on server certificate validation. But hit the next bug – it fails

Still in progress but you can watch the development of the resolving on the forum: SSL CA Issue

Current state is that if you do not provide the two level chain, i.e. certificate and issuer certificate the connections is established ok.