by 8organicbits 545 days ago
I built a small device as a hobby a couple years back using an ESP32. It has 500KB of memory, so storing a full set of CA certs was quite limiting. I forget the size, but looking at the Ubuntu package repo, perhaps 100KB. So the constraint was storage size (and therefore hardware cost). I ended up making it local network only and using unencrypted HTTP, which worked for my use case.
1 comment

> so storing a full set of CA certs was quite limiting

Not sure what your project was doing, but one doesn't generally want to install a full set of CAs. If you're creating a product that'll talk to your APIs, you pin your own CA, ensure that the server name matches and verify it; anything else is a failure.

If you use an API endpoint provided by a cloud service provider then you use whichever CA they use, which will be a public CA. But they can switch to another at any time.
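
The check the reply describes (trust only your own CA, require the server name to match, reject everything else), as an added example that is not part of the thread. It uses the `openssl` CLI on a workstation rather than ESP32 code, and every name, key and certificate in it is constructed locally for the demo.

```shell
#!/bin/sh
# Constructed demo: all CAs, keys and certificates are generated here.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
HOST=api.device.example   # hypothetical API hostname the device talks to

# make_ca NAME: create a self-signed CA key and certificate in $WORK.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue CA NAME DNSNAME: issue a server certificate for DNSNAME signed by CA.
issue() {
    printf 'subjectAltName=DNS:%s\n' "$3" > "$WORK/$2.ext"
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/$2.csr" -days 30 -CA "$WORK/$1.pem" \
        -CAkey "$WORK/$1.key" -CAcreateserial -extfile "$WORK/$2.ext" \
        -out "$WORK/$2.pem" 2>/dev/null
}

# device_accepts CERT: the client-side decision. Only the pinned CA is
# trusted (the default CA directory is not loaded) and the certificate
# must name $HOST. Returns 0 only when both conditions hold.
device_accepts() {
    openssl verify -CAfile "$WORK/pinned-ca.pem" -no-CApath \
        -verify_hostname "$HOST" "$WORK/$1.pem" >/dev/null 2>&1
}

make_ca pinned-ca                                # the one CA stored on the device
make_ca other-ca                                 # stands in for any other CA
issue pinned-ca good "$HOST"                     # right CA, right name
issue pinned-ca wrongname other.device.example   # right CA, wrong name
issue other-ca foreign "$HOST"                   # right name, wrong CA

for c in good wrongname foreign; do
    if device_accepts "$c"; then echo "$c: accepted"; else echo "$c: rejected"; fi
done
```

The single pinned CA certificate is the only trust material the client needs to store, which is the storage point raised in the first comment.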