Adding SSL/TLS Support to the ESP8266Alvaro Luis Bustamante
In this post we will introduce some new features about securing the Internet of Things, like in our previous post, Securing the Internet of Things, where we introduced SSL/TLS support for the Arduino MKR1000. In this case we are working with the well-known ESP8266, and YES! it supports also secure TLS connections to our Internet of Things platform. This little device, and thanks to the community support, now integrates TLS support by software. In our tests, we are not able to notice any significant performance issues, and the connections seems to be stable as always. So we have decided that the ESP8266 devices will connect by default using secure sockets. So, you can update the Arduino libraries to 2.5.0 to start using this security feature.
If you enable the debug output in your ESP8266 sketch, you will be able to see how the device is now connecting by default using secure connections. We have improved the debug output to actually detect if the connection is secured or not.
[NETWORK] Connecting to network Meeble [NETWORK] Connected to WiFi! [NETWORK] Getting IP Address... [NETWORK] Got IP Address: 192.168.1.101 [NETWORK] Connected! [_SOCKET] Connecting to iot.thinger.io:25202... [_SOCKET] Using secure TLS/SSL connection: yes [_SOCKET] SSL/TLS Host Verification Succeed! [_SOCKET] Connected! [THINGER] Authenticating. User: alvarolb Device: nodemcu [THINGER] Writing bytes: 35 [OK] [THINGER] Authenticated
Of course, if you are not aware about the security of your device, you can easily disable the TLS/SSL connection by including the following define before ANY include.
#define _DISABLE_TLS_ // add the includes here
Hope you enjoy your secure devices!