[COMPLETE} SSL CERTIFICATE UPDATE FOR IO

Moderators: adafruit_support_bill, adafruit

Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.
Locked
User avatar
jwcooper
 
Posts: 1003
Joined: Tue May 01, 2012 9:08 pm

[COMPLETE} SSL CERTIFICATE UPDATE FOR IO

Post by jwcooper »

UPDATE: This has now been completed.

UPDATE: The tentative date for this is now August 11, 2022.

This is an early notice that we will be updating the SSL Certificate for https://io.adafruit.com in the next month or so. As the date approaches, we will update this post to specify the date and time.

The impact should be minimal for the majority of devices, but some that use the SSL Fingerprint will need to update the client library.

IMPORTANT NOTE: In upcoming library updates, the ESP8266 will no longer use the SSL fingerprint and WifiClientSecure in the Adafruit_IO_Arduino and Adafruit_Wippersnapper_Arudino libraries by default. This is to avoid this annual updating of fingerprints. If security is a concern and you are still using an ESP8266, we have notes on how to utilize WifiClientSecure in the source code. If security is a concern for your project, we strongly recommend users impacted by this moving to ESP32 which has certificate verification by storing root certs and having a chain-of-trust rather than doing individual certificate fingerprints.


The specific libraries that will need to be updated are the following:
https://github.com/adafruit/Adafruit_Wi ... er_Arduino
https://github.com/adafruit/Adafruit_IO_Arduino

Optionally this if you're using the fingerprint from the examples:
https://github.com/adafruit/Adafruit_MQTT_Library

Locked
Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.

Return to “Internet of Things: Adafruit IO and Wippersnapper”