From 4fae9ac2002636ecc59b59df1e6f8d2ba480eaa4 Mon Sep 17 00:00:00 2001 From: Pascal Schiessle Date: Fri, 31 Oct 2025 19:25:34 +0100 Subject: [PATCH 1/2] Changed Names --- library.json | 6 +++--- library.properties | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library.json b/library.json index 0456c47..0c09c76 100644 --- a/library.json +++ b/library.json @@ -1,14 +1,14 @@ { - "name": "esp32_https_server", + "name": "esp32_brave_https_server", "keywords": "communication, esp32, http, https, server, ssl, tls, webserver, websockets", "description": "Alternative ESP32 Webserver implementation for the ESP32, supporting HTTPS and HTTP. The library provides TLS support and simultaneous connections. It can be used to run an HTTP or HTTPS server, or both in parallel. The server's resources are defined through handler and middleware functions, giving an easy start to everyone who has worked with frameworks like Express or Servlets before.", "repository": { "type": "git", - "url": "https://github.com/fhessel/esp32_https_server.git" + "url": "https://github.com/LeBraveLittleToaster/esp32_brave_https_server" }, "license": "MIT", - "version": "1.0.0", + "version": "0.0.1", "frameworks": "arduino", "platforms": ["espressif32"] } diff --git a/library.properties b/library.properties index 3ffb202..a3f4478 100644 --- a/library.properties +++ b/library.properties @@ -1,10 +1,10 @@ name=ESP32_HTTPS_Server version=1.0.0 author=Frank Hessel -maintainer=Frank Hessel +maintainer=Pascal Schiessle sentence=Alternative ESP32 Webserver implementation for the ESP32, supporting HTTPS and HTTP. paragraph=The library provides TLS support and simultaneous connections. It can be used to run an HTTP or HTTPS server, or both in parallel. The server's resources are defined through handler and middleware functions, giving an easy start to everyone who has worked with frameworks like Express or Servlets before. category=Communication -url=https://github.com/fhessel/esp32_https_server +url=https://github.com/LeBraveLittleToaster/esp32_brave_https_server architectures=esp32 includes=HTTPSServer.hpp,HTTPRequest.hpp,HTTPResponse.hpp From cc4307b2ed72b92e197c8554de7501332aa1a274 Mon Sep 17 00:00:00 2001 From: Pascal Schiessle Date: Fri, 31 Oct 2025 20:00:29 +0100 Subject: [PATCH 2/2] Fixed create_cert.sh script for up to date generation of certificates --- extras/create_cert.sh | 89 ++++++++++++++++++++++++++---------------- src/HTTPConnection.hpp | 2 +- 2 files changed, 57 insertions(+), 34 deletions(-) diff --git a/extras/create_cert.sh b/extras/create_cert.sh index 753fb03..e9f1f5d 100755 --- a/extras/create_cert.sh +++ b/extras/create_cert.sh @@ -1,56 +1,79 @@ #!/bin/bash -set -e -#------------------------------------------------------------------------------ -# cleanup any previously created files +set -euo pipefail rm -f exampleca.* example.* cert.h private_key.h -#------------------------------------------------------------------------------ -# create a CA called "myca" +# ------------------------------ +# Create a real CA (with CA:TRUE) using 4096-bit key +openssl genrsa -out exampleca.key 4096 -# create a private key -openssl genrsa -out exampleca.key 1024 - -# create certificate -cat > exampleca.conf << EOF +cat > exampleca.conf << 'EOF' [ req ] -distinguished_name = req_distinguished_name prompt = no -[ req_distinguished_name ] -C = DE +distinguished_name = dn +x509_extensions = v3_ca + +[ dn ] +C = DE ST = BE -L = Berlin -O = MyCompany +L = Berlin +O = MyCompany CN = myca.local + +[ v3_ca ] +basicConstraints = critical, CA:true, pathlen:0 +keyUsage = critical, keyCertSign, cRLSign +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer EOF -openssl req -new -x509 -days 3650 -key exampleca.key -out exampleca.crt -config exampleca.conf -# create serial number file -echo "01" > exampleca.srl -#------------------------------------------------------------------------------ -# create a certificate for the ESP (hostname: "myesp") +openssl req -new -x509 -days 3650 -sha256 \ + -key exampleca.key -out exampleca.crt -config exampleca.conf -# create a private key +# Create serial file automatically (or let -CAcreateserial do it) +echo "01" > exampleca.srl + +# ------------------------------ +# Create server key + CSR with proper extensions + SAN openssl genrsa -out example.key 1024 -# create certificate signing request -cat > example.conf << EOF + +cat > example.conf << 'EOF' [ req ] -distinguished_name = req_distinguished_name -prompt = no -[ req_distinguished_name ] -C = DE +prompt = no +distinguished_name = dn +req_extensions = v3_req + +[ dn ] +C = DE ST = BE -L = Berlin -O = MyCompany +L = Berlin +O = MyCompany CN = esp32.local + +[ v3_req ] +basicConstraints = CA:false +keyUsage = critical, digitalSignature, keyEncipherment +extendedKeyUsage = serverAuth, clientAuth +subjectAltName = @alt_names + +[ alt_names ] +DNS.1 = esp32.local +DNS.2 = myesp EOF -openssl req -new -key example.key -out example.csr -config example.conf -# have myca sign the certificate -openssl x509 -days 3650 -CA exampleca.crt -CAkey exampleca.key -in example.csr -req -out example.crt +openssl req -new -sha256 -key example.key -out example.csr -config example.conf + +# Sign leaf cert with the CA, carrying over the server extensions +openssl x509 -req -days 3650 -sha256 \ + -in example.csr -CA exampleca.crt -CAkey exampleca.key \ + -CAserial exampleca.srl \ + -extfile example.conf -extensions v3_req \ + -out example.crt -# verify +echo "-- verifying openssl certificate now ---" openssl verify -CAfile exampleca.crt example.crt +echo "--- verifying openssl certificate finished ---" + # convert private key and certificate into DER format openssl rsa -in example.key -outform DER -out example.key.DER openssl x509 -in example.crt -outform DER -out example.crt.DER diff --git a/src/HTTPConnection.hpp b/src/HTTPConnection.hpp index fb15d7a..bd23057 100644 --- a/src/HTTPConnection.hpp +++ b/src/HTTPConnection.hpp @@ -6,7 +6,7 @@ #include #include -#include +#include #include // Required for sockets