SSL CERTIFICATE and MQTT library at ESP8266

[torwanb]

If your ESP8266 MQTT nodes using just these two libraries:

Code: Select all

#include "Adafruit_MQTT.h"
#include "Adafruit_MQTT_Client.h"

...and secure connection suddenly stopped working on 11th Aug 2022, it is enough to replace a fingerprint string content to this one:

Code: Select all

// io.adafruit.com SHA1 fingerprint
static const char *fingerprint PROGMEM = "18 C0 C2 3D BE DD 81 37 73 40 E7 E4 36 61 CB 0A DF 96 AD 25";

Then recompile and flash your nodes. It works fine on my two nodes, I only have some issues with teh third one with a bit more complex firmware. But in general it should work.

The new fingerprint can be found using this:
echo | openssl s_client -connect io.adafruit.com:443 | openssl x509 -fingerprint -noout
(Linux command line in a terminal)

[Almeida]

ola me ajude.
eu só usava essa Biblioteca #include "config.h"
devo substituir ou adicionar as outras??

[brubell]

Hi, we've updated the SSL fingerprint on the example code (https://github.com/adafruit/Adafruit_MQ ... y/pull/213) and it will be released shortly.

We've added the updated SSL fingerprint within Adafruit IO Arduino as well:

https://github.com/adafruit/Adafruit_IO ... o/pull/159

However, if security is a concern and you are still using an ESP8266, we have notes on how to utilize WifiClientSecure in the source code. If security is a concern for your project, we strongly recommend users impacted by this moving to ESP32 which has certificate verification by storing root certs and having a chain-of-trust rather than doing individual certificate fingerprints.