-
The use case is: I've an Espruino Pico (in the toy) that is connected to the internet, calls an API to get a CODE. Now i want to show the code to the user without using bluetooth, audio or display interface. So i thought i would use a push notification to send the code to the user.
If the HTTPs is not at all possible, then i may need to send an email with the code to the user. Anything else you can think of solving this?
-
You want to use a service worker on your phone to directly contact an Espruino?
To be honest I think you'd be out of luck anyway - even if you could get an HTTPS server on Espruino, the Service worker's request would most likely fail because the HTTPS certificate would have to be issued by a proper certificate authority (it's why even serving https off your own PC can be tricky).
The best be would be to find some web service that the Espruino could contact, and that your service worker could then query via HTTPS. Dweet is a nice easy one: https://www.espruino.com/IoT+Services#dweet-io
If you want to ensure it's totally secure then I think they have a paid service, or you could set up some kind of service on your own server I guess - you could maybe even use Amazon web services.
-
the Service worker's request would most likely fail because the HTTPS certificate
But i'm planning to use proper certificate
you could set up some kind of service on your own server
Yes, i'm thinking of running my own web service
Thanks for the quick response. BTW in general, do you think that there is no need for HTTPS in Espruino pico?
-
But i'm planning to use proper certificate
If the Pico's certificate isn't signed by a CA then you could still have problems trying to create an HTTPS server with it. You have the same problems trying to get an HTTPS server running on localhost, where computers usually display 'this site could be unsafe' when you try and connect.
It seems like it could be possible to do, but it's difficult - and you'd need to keep updating the Pico's certificates before they expired!
Yes, i'm thinking of running my own web service
If you do this then you're fine. The Pico can use HTTPS to connect to your web service, and your web service can have a properly signed certificate.
do you think that there is no need for HTTPS in Espruino pico?
If you're only communicating over a trusted network (eg. your home, with non-public WiFi) then personally I don't think you need HTTPS.
However if you're communicating over the internet with sensitive information then HTTPS is a great idea. But you don't need the Pico to be an HTTPS server for that, you just need it to be an HTTPS client (which it can easily do) to push data to a server on the web securely.
Gordon-
Post a reply
About
HTTPs support for Web PUSH notification
Posted by
@sureshkm
Hi @Gordon,
I would like to use the Web PUSH notification feature via service worker. But the service worker can only be registered on HTTPS. You already said that i cannot run HTTPS server in Espruino Pico.
How can i help you to get this HTTPS in? Please suggest if you have an alternate approach. Thanks.