tasmota-fingerprint is a tool designed to assist in calculating the custom TLS fingerprints expected by the Tasmota firmware since version 6.5.0.15 as documented on the Tasmota Wiki
tasmota-fingerprint /path/to/server.pem
/some/command/outputservercertificate | tasmota-fingerprint
In either case, the input is expected to be a PEM-encoded x509 certificate with an RSA public key, as is required by the Tasmota project.
If you have Go installed, simply go get github.com/issacg/tasmota-fingerprint
Otherwise, binary releases may be available.
The current implementation of TLS in the Tasmota project, without significantly altering the source code, requires either the use of a certificate issued by LetsEncrypt, or a TOFU security model. While these are both legitimate models for many use cases, they don't cover the use cases available in previous versions of the firmware where it was trivial to pre-calculate the expected fingerprint of any key.
This software allows the expected fingerprint to be calculated in order to be configured on end-devices without needing a TOFU flow.
Copyright 2019 Issac Goldstand [email protected]
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Having said that, the author of this software is interested in relicensing under the more permissive Apache 2.0 license. If the original author of this function reads this notice and is willing to allow such relicensing, (s)he is encouraged to open an issue on GitHub or otherwise contact the author. Thank you!