Wled: HTTPS support for HTTP request API
Is HTTPS likely to be support on the HTTP request endpoint?
I appreciate this might be difficult for people with expiring SSL certificates.
SpicerSolutions
All 2 comments
Hi!
This is not likely/almost impossible to implement on ESP8266 due to insufficient memory.
On the ESP32 it is a different story, HTTPS support is easily possible. Still we would need to figure out how to add a certificate that is ideally both not self-signed (so that it is trusted by browsers), but that could not be circumvented by the private key becoming public due to the open source of WLED. This would likely require users to generate/install their own certificates for true security, but it's definitely something I want to look into!
Aircoookie
on 12 Sep 2020
@SpicerSolutions You can hear Unexpected Maker talk about the issues with https on this video: https://youtu.be/A4Hzz84HuNY?t=733 The issue is around the certificates consuming too much RAM. Though, in the video, I am not 100% clear if he is talking about inbound or outbound connections. If I wanted to secure my WLED on my network, I would probably use a reverse proxy and firewall rules.
pbolduc
on 12 Sep 2020
Related issues
vigne
路
3Comments
brausepaule
路
3Comments
Mombonav
路
4Comments
Legsmaniac
路
3Comments
JoshWobbles
路
3Comments
Most helpful comment
@SpicerSolutions You can hear
Unexpected Makertalk about the issues with https on this video: https://youtu.be/A4Hzz84HuNY?t=733 The issue is around the certificates consuming too much RAM. Though, in the video, I am not 100% clear if he is talking about inbound or outbound connections. If I wanted to secure my WLED on my network, I would probably use a reverse proxy and firewall rules.