Added SSL webserver example

15_ssl_webserver/CA/openssl.cnf

@@ -0,0 +1,90 @@
+# OpenSSL root CA configuration file.
+
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+
+# default folders
+dir               = /home/dentellaluca/myCA
+certs             = $dir/certs
+crl_dir           = $dir/crl
+new_certs_dir     = $dir/newcerts
+database          = $dir/index.txt
+serial            = $dir/serial
+RANDFILE          = $dir/private/.rand
+
+# CA private key and certificate files
+private_key       = $dir/private/ca.key
+certificate       = $dir/certs/ca.cer
+
+# Certificate revocation list
+crlnumber         = $dir/crlnumber
+crl               = $dir/crl/ca.crl
+crl_extensions    = crl_ext
+default_crl_days  = 30
+
+# Use SHA-2
+default_md        = sha256
+
+name_opt          = ca_default
+cert_opt          = ca_default
+default_days      = 365
+preserve          = no
+policy            = policy_default
+
+[ policy_default ]
+commonName              = supplied
+organizationalUnitName  = optional
+organizationName        = optional
+localityName            = optional
+stateOrProvinceName     = optional
+countryName             = optional
+emailAddress            = optional
+
+[ req ]
+# Settings for new requests
+default_bits        = 2048
+distinguished_name  = req_distinguished_name
+default_md          = sha256
+x509_extensions     = ca_cert
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+stateOrProvinceName             = State or Province Name
+localityName                    = Locality Name
+0.organizationName              = Organization Name
+organizationalUnitName          = Organizational Unit Name
+commonName                      = Common Name
+emailAddress                    = Email Address
+
+[ ca_cert ]
+# Extensions for CA certificates
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ usr_cert ]
+# Extensions for client certificates
+basicConstraints = CA:FALSE
+nsCertType = client, email
+nsComment = "OpenSSL Generated Client Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+
+[ server_cert ]
+# Extensions for server certificates
+basicConstraints = CA:FALSE
+nsCertType = server
+nsComment = "OpenSSL Generated Server Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+
+[ crl_ext ]
+# Extension for CRLs
+authorityKeyIdentifier=keyid:always

15_ssl_webserver/firmware/Makefile

@@ -0,0 +1,9 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := 16_ssl_webserver
+
+include $(IDF_PATH)/make/project.mk
+

15_ssl_webserver/firmware/main/Kconfig.projbuild

@@ -0,0 +1,20 @@
+menu "Example configuration"
+
+	config AP_SSID
+		string "Wifi SSID"
+		default "esp32-ap"
+		help
+			SSID for the Access Point Wifi network (max 31 chars)
+
+	config AP_PASSWORD
+		string "Wifi password"
+		help
+			Password for the Wifi network (if needed)
+
+	config RELAY_PIN
+		int "Number of the PIN connected to the RELAY"
+		range 0 34
+		default 0
+
+endmenu
+

15_ssl_webserver/firmware/main/ca.cer

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCjCCAfKgAwIBAgIJAKDlWtmPY783MA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB0x1Y2EtQ0EwHhcNMTcwNTMwMTQxMjU2WhcNMjcwNTI4MTQxMjU2WjASMRAw
+DgYDVQQDDAdMdWNhLUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+xVGXeHpnKADvVvjltwbimVK1coZJpQ7NoLdnquArrtV2YjmAH8fQL747o5Zooqib
+XsItDjMnU80IIFAfqfp+L7bMatLXhNjEokU72gCQOzY+fCH01tvcSgk9Y0xKxwMF
+Lbyx3BR54/DInEW0kLu70BIFGjRh6Vafw7o3kP888lesJXmO2BzKqdP6NA7GVdzT
+vmabvXWZdjUxjzU9THERuYrSLzzosaJsGJS5xtzsI0nNGp9blm7NIxMkakVXAcFc
+KyMrStorriOQRqy9KvLsdfxdAcD0yKw8Zcm85uxiCv3nbc/VH0vgurBVHu1X8pbs
+EvUocBJieze6Q6DFwx52SwIDAQABo2MwYTAdBgNVHQ4EFgQUmU6wPUEhYrdeqK6L
+lrl6Eh0jqlcwHwYDVR0jBBgwFoAUmU6wPUEhYrdeqK6Llrl6Eh0jqlcwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAL+p
+Dg6d6AcZC6PKldFPCRhwdbXii26wGbr6q/7dB50+jBo72CPGXCJBNRQ/jVT5mvV7
+5jFprIHzi2GWfvHC6ItTnFGkYDqhM83dn4TObjRJ4n5jfPD/7L28M3NAefP3kKqh
+SJUojkHU+btgw8Cl+1MrCUGmYjWb6Yd1Et9vYZvqkG/cYyfEWk3TmRilsCWSxFEJ
+84NxH3Ug8Hhip0VgdW/AHICOJ0OgRomfEeXjzGy5BJKkUnsGqA5UP94M+xonq7hu
+K78zSV6zZGriojFBJqDhWOXoAIWa5swJN4rDONnaKDWdGl/zdy2UylkWzGjeHYeN
+m4WGJImdyqaY57sOB0s=
+-----END CERTIFICATE-----

15_ssl_webserver/firmware/main/component.mk

@@ -0,0 +1,2 @@
+COMPONENT_EMBED_FILES := on.png off.png
+COMPONENT_EMBED_TXTFILES := ca.cer espserver.cer espserver.key

15_ssl_webserver/firmware/main/espserver.cer

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgjCCAmqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHTHVj
+YS1DQTAeFw0xNzA1MzAxNDIzMDlaFw0xODA1MzAxNDIzMDlaMBUxEzARBgNVBAMM
+CmVzcC1zZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA1zeb
+PMEfp/pdqUm+KYz2zlVqJle6n9ndK8AMEvvmLcq0+SHUKTdw+m5buBWLtRc0/paj
+Vzd8+35jQqrjaeylJ/Zsmpw2pIor3cUerkzGsQYfpmjrV8dQpOVe0/77GN79DRGU
+mE1BSFyBLNqr/PUFyw/kKJ7c2STl/lL7jqJgGIwYK1vbqZB8YV4KqcqSbVqJpZCx
+FXnlXTMxthXCBKYhjprZ44dT2npAULgRXOrk0YoXKE5yVv2sxNdMghElA3wakwy8
+V0JgXyfousNOlOmLcahOllMdVLgWDDpevAGfRaHB3Uyv4t8NbPzIlQoJGphc7pML
+IwF9F2KH4TuVPwfxAgMBAAGjgd4wgdswCQYDVR0TBAIwADARBglghkgBhvhCAQEE
+BAMCBkAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2VuZXJhdGVkIFNlcnZlciBD
+ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUlIPIkALRTqDITAj6szS9MkxhX9swQgYDVR0j
+BDswOYAUmU6wPUEhYrdeqK6Llrl6Eh0jqlehFqQUMBIxEDAOBgNVBAMMB0x1Y2Et
+Q0GCCQCg5VrZj2O/NzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH
+AwEwDQYJKoZIhvcNAQELBQADggEBADvSbKerPVAeFEn4DzHVF7hkK8AYu3unZ5eV
+BeeNeT9suqg85h+BnvnQv1Y1fBffvJx8UON/rMwXCpoVeh3cc0YyoLu2iIOU4ohW
+yFac8J9dz1h9eUkuUPYJMmze8aA6vebQYXrl7k7oQLTr/EhqtU3yBJAdbOgHjw52
+Wx0L2TYKCyDMGVfoT+regdXQu6ZmjK17cg3NP/mBMF/pLoHZxcwZs7QdP3vBkRj5
++5RXCd4uLoqb3/hFh2iT6Vl055GffGXwBxU+Pg+IohbrwHdTBMt6u5oM4klVG4U9
+dnhiCnPD3KrlohNWY+QTkBWSa4sYLqqEfLzlyw/Gc01fgswF3FE=
+-----END CERTIFICATE-----

15_ssl_webserver/firmware/main/espserver.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAwNc3mzzBH6f6XalJvimM9s5VaiZXup/Z3SvADBL75i3KtPkh
+1Ck3cPpuW7gVi7UXNP6Wo1c3fPt+Y0Kq42nspSf2bJqcNqSKK93FHq5MxrEGH6Zo
+61fHUKTlXtP++xje/Q0RlJhNQUhcgSzaq/z1BcsP5Cie3Nkk5f5S+46iYBiMGCtb
+26mQfGFeCqnKkm1aiaWQsRV55V0zMbYVwgSmIY6a2eOHU9p6QFC4EVzq5NGKFyhO
+clb9rMTXTIIRJQN8GpMMvFdCYF8n6LrDTpTpi3GoTpZTHVS4Fgw6XrwBn0Whwd1M
+r+LfDWz8yJUKCRqYXO6TCyMBfRdih+E7lT8H8QIDAQABAoIBAQCFTL+9aTO+JClm
+0PyOnL46ZMqaQ8Lk2FaLEhEAx6akqAa1Lnl55LvUNuhOMmOCXT2bfli2tDVBCb+F
+8bGa3b+dMpCe5gkRpI92XyhBWw7rUbb/7dIczGKUlkePU0+wVrLdjUkXxGeytshq
+6oyF0qe0x3dGqeWWl+tvqGvIRAJuFZWX6mVoaZOtqUeeVb+fwqbs3gR2VVABR9q9
+KqKRN1ZikWeJyhQPzTmVpZ5ebqP4blMiJZgFo9TDUp0D6TpC6IQso8VegBSQDrOK
+lhYUfU76xsknb6HftqkuZE6BiPWP07tpApH5okp3fO1jGblKgRMDE4Cg9p1UAnef
+F6O+uDuZAoGBAPFVL4F1zvT3A9ruzb/sUqBFd7XD7vtNcp/DoxUr6SHSHHJ5J5M3
+BDhGav20on4n3oXXYzPcw/atVey7wH8HLzBhKwujJ/jbYOCyu6MXA0gv7i+EG0Mc
+iY6yJ/SFlEDnqlVgzZmMH4CL299Z4c6W1SPfq2VCcIM8ADxxaSSFWheHAoGBAMyP
+j2GKsVIv4iT0Yq6Ertutc4Yo8FhVQiG/2OOnfYps2tAgKx7ETTms9VX6axggM38e
++psxeVX1NWM16OxRAuYaIOR6+NzFhShcVberxHgpVZYeQemdOHgIzRCd+Fin6Yjc
+5YyfH0mFCjuY3IEwdUa3NFo1j8trmR+AUNs6RtLHAoGBAKSdJZVZ5XwkjeWlZITY
+TxfxqpE6f+W800X07WXAmPov1qWizILXUTKNnedGclw5F8kVvR4gJS861tRu0QQU
+w3Rtoy4B8X8HLRK399NsHBn+T6rroqjpa08BaM2a3CBVpVMtf7CP6uEFBUpZhfQj
+4Gji5YdhhVuO7t5LwZtetrA7AoGACti13pMvEc+OKy12KhDJAMbysDNtgxGKPyXg
+BzozUuqws4ZxIuF/wsYkABoWIaJbeKsY2K/H4kHtQcRzBEzLXY4XHmZS2cnzZI94
+0BNgiIqQijQyhIOcoei9jtsBdxn4LRSha1Joo0pVn5FcZ9E89rHyKbJbXIrpBJ2W
+K/msFbMCgYAwCdYb9dcZXgy6DVX1H9AHrJfNqqSJYID7e47EA/RVhtBKIx85EX5T
+7WXOquT0Xi9AhfLTxRM3kThNmGzx/C2PbMmfYsukDcjORlE53jeFGKJcfvFP28BZ
+YxulaKAUJrhTUCoSZTfr6PCcjvzsaHf52DSyryJ7X8niR+IkA3JUOQ==
+-----END RSA PRIVATE KEY-----