From 4132abe310363690d5cc7df3409430ff470bf7a0 Mon Sep 17 00:00:00 2001
From: couin3 <35873376+couin3@users.noreply.github.com>
Date: Mon, 5 Oct 2020 14:19:27 +0200
Subject: [PATCH] Added insecure SSL

---
 RFLink/6_WiFi_MQTT.cpp | 21 +++++++++++++++++++++
 RFLink/RFLink.h        |  2 ++
 2 files changed, 23 insertions(+)

diff --git a/RFLink/6_WiFi_MQTT.cpp b/RFLink/6_WiFi_MQTT.cpp
index d3eb9dbe..46ce0564 100644
--- a/RFLink/6_WiFi_MQTT.cpp
+++ b/RFLink/6_WiFi_MQTT.cpp
@@ -31,7 +31,14 @@ boolean bResub; // uplink reSubscribe after setup only
 
 // Update these with values suitable for your network.
 
+#ifdef MQTT_SSL
+#include <WiFiClientSecure.h>
+WiFiClientSecure WIFIClient;
+#else //SSL
+#include <WiFiClient.h>
 WiFiClient WIFIClient;
+#endif //SSL
+
 PubSubClient MQTTClient; // MQTTClient(WIFIClient);
 
 void callback(char *, byte *, unsigned int);
@@ -74,8 +81,22 @@ void setup_WIFI()
 
 void setup_MQTT()
 {
+  Serial.print(F("SSL :\t\t\t"));
+#ifdef MQTT_SSL
+  if (MQTT_PORT == "")
+    MQTT_PORT = "8883"; // just in case ....
+#ifdef CHECK_CACERT
+  Serial.println(F("Using ca_cert"));
+  WIFIClient.setCACert(ca_cert);
+#else
+  Serial.println(F("Insecure (No Key/Cert/Fp)"));
+#endif // MQTT_CACERT
+#else
   if (MQTT_PORT == "")
     MQTT_PORT = "1883"; // just in case ....
+  Serial.println(F("Not Set"));
+#endif //SSL
+
   MQTTClient.setClient(WIFIClient);
   MQTTClient.setServer(MQTT_SERVER.c_str(), MQTT_PORT.toInt());
   MQTTClient.setCallback(callback);
diff --git a/RFLink/RFLink.h b/RFLink/RFLink.h
index 449e67ff..9029e145 100644
--- a/RFLink/RFLink.h
+++ b/RFLink/RFLink.h
@@ -27,6 +27,8 @@
 #define MQTT_LOOP_MS 1000     // MQTTClient.loop(); call period (in mSec)
 #define MQTT_RETAINED_0 false // Retained option
 #define MQTT_LWT              // Let know if Module is Online or Offline via MQTT Last Will message
+#define MQTT_SSL              // Send MQTT messages over SSL
+// #define CHECK_CACERT       // Send MQTT SSL CA Certificate
 #endif
 
 // Debug default