Drop support for old (insecure) fingerprint format (#20842)

This commit is contained in:
s-hadinger 2024-03-01 12:24:48 +01:00 committed by GitHub
parent 3162282f91
commit 54b1a94379
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 2 additions and 1 deletions

View File

@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file.
- Berry `path.rename()` (#20840)
### Breaking Changed
- Drop support for old (insecure) fingerprint format
### Changed

View File

@ -446,7 +446,7 @@
// #define USE_MQTT_AWS_IOT // [Deprecated] Enable MQTT for AWS IoT - requires a private key (+11.9k code, +0.4k mem)
// Note: you need to generate a private key + certificate per device and update 'tasmota/tasmota_aws_iot.cpp'
// Full documentation here: https://github.com/arendst/Tasmota/wiki/AWS-IoT
// #define USE_MQTT_TLS_DROP_OLD_FINGERPRINT // If you use fingerprint (i.e. not CA) validation, the algorithm changed to a more secure one.
#define USE_MQTT_TLS_DROP_OLD_FINGERPRINT // If you use fingerprint (i.e. not CA) validation, the algorithm changed to a more secure one.
// Any valid fingerprint with the old algo will be automatically updated to the new algo.
// Enable this if you want to disable the old algo check, which should be more secure
// for USE_4K_RSA (support for 4096 bits certificates, instead of 2048), you need to uncommend `-DUSE_4K_RSA` in `build_flags` from `platform.ini` or `platform_override.ini`