Help with secure Peer to Peer bidirectional communications on a local network: Websocket? MQTT? Other?
Posted: Mon Sep 13, 2021 8:37 pm
What I'm looking for is secure Peer to Peer bidirectional communications on a local network, because in some cases there may not be internet access, so I can't facilitate this with a cloud server.
What I was trying to do. Is there another way? Or a way to make this work?
Secure websocket server on an ESP32 without a domain, using IP only. Connected to by a client in a browser or mobile app.
I am posting this as a new topic because I believe I understand the handshake error I am getting is related to the Common Name of the certificate not matching the domain of the server. Please correct me if I'm wrong.
Problem: Need to connect to an esp32 websocket server with an arbitrary IP address assigned by DHCP on any local network.
For the https server example the workaround is to allow proceeding to the untrusted site in the browser. But for a websocket that is accessed either from the browser or an app this is not an option.
Since I don't know the IP ahead of time, I can't sign a certificate with the proper IP, especially since this is bound to change.
How do I get around this? I'd rather do this in a secure way. Is this just going to require an intermediary server so that both the App/Browser and the ESP32 are clients to my cloud service which acts as a pass through?
Is MQTT a better option? But I'm assuming I'll run into the same certificate issue.
Any suggestions would be very appreciated!