From ed778441d5a3384d9d87f627a40a720398b72b27 Mon Sep 17 00:00:00 2001
From: Gunnar Skjold <gunnar.skjold@gmail.com>
Date: Fri, 15 Dec 2023 18:50:08 +0100
Subject: [PATCH] Ability to load cert/key for mqtt without ca

---
 lib/AmsMqttHandler/src/AmsMqttHandler.cpp | 58 ++++++++++++-----------
 1 file changed, 31 insertions(+), 27 deletions(-)

diff --git a/lib/AmsMqttHandler/src/AmsMqttHandler.cpp b/lib/AmsMqttHandler/src/AmsMqttHandler.cpp
index a097302c..f2c5f6bd 100644
--- a/lib/AmsMqttHandler/src/AmsMqttHandler.cpp
+++ b/lib/AmsMqttHandler/src/AmsMqttHandler.cpp
@@ -50,37 +50,41 @@ bool AmsMqttHandler::connect() {
 						}
 					#endif
 					file.close();
-
-					if(LittleFS.exists(FILE_MQTT_CERT) && LittleFS.exists(FILE_MQTT_KEY)) {
-						#if defined(ESP8266)
-							if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT certificate file (%dkb free heap)\n"), ESP.getFreeHeap());
-							file = LittleFS.open(FILE_MQTT_CERT, (char*) "r");
-							BearSSL::X509List *serverCertList = new BearSSL::X509List(file);
-							file.close();
-
-							if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT key file (%dkb free heap)\n"), ESP.getFreeHeap());
-							file = LittleFS.open(FILE_MQTT_KEY, (char*) "r");
-							BearSSL::PrivateKey *serverPrivKey = new BearSSL::PrivateKey(file);
-							file.close();
-
-							if(debugger->isActive(RemoteDebug::DEBUG)) debugger->printf_P(PSTR("Setting client certificates (%dkb free heap)"), ESP.getFreeHeap());
-							mqttSecureClient->setClientRSACert(serverCertList, serverPrivKey);
-						#elif defined(ESP32)
-							if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT certificate file (%dkb free heap)\n"), ESP.getFreeHeap());
-							file = LittleFS.open(FILE_MQTT_CERT, (char*) "r");
-							mqttSecureClient->loadCertificate(file, file.size());
-							file.close();
-
-							if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT key file (%dkb free heap)\n"), ESP.getFreeHeap());
-							file = LittleFS.open(FILE_MQTT_KEY, (char*) "r");
-							mqttSecureClient->loadPrivateKey(file, file.size());
-							file.close();
-						#endif
-					}
 				} else {
 					if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("No CA, disabling validation\n"));
 					mqttSecureClient->setInsecure();
 				}
+
+				if(LittleFS.exists(FILE_MQTT_CERT)) {
+					#if defined(ESP8266)
+						if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT certificate file (%dkb free heap)\n"), ESP.getFreeHeap());
+						file = LittleFS.open(FILE_MQTT_CERT, (char*) "r");
+						BearSSL::X509List *serverCertList = new BearSSL::X509List(file);
+						file.close();
+						mqttSecureClient->setClientRSACert(serverCertList, serverPrivKey);
+					#elif defined(ESP32)
+						if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT certificate file (%dkb free heap)\n"), ESP.getFreeHeap());
+						file = LittleFS.open(FILE_MQTT_CERT, (char*) "r");
+						mqttSecureClient->loadCertificate(file, file.size());
+						file.close();
+					#endif
+				}
+				
+				if(LittleFS.exists(FILE_MQTT_KEY)) {
+					#if defined(ESP8266)
+						if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT key file (%dkb free heap)\n"), ESP.getFreeHeap());
+						file = LittleFS.open(FILE_MQTT_KEY, (char*) "r");
+						BearSSL::PrivateKey *serverPrivKey = new BearSSL::PrivateKey(file);
+						file.close();
+						mqttSecureClient->setClientRSACert(serverCertList, serverPrivKey);
+					#elif defined(ESP32)
+						if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("Found MQTT key file (%dkb free heap)\n"), ESP.getFreeHeap());
+						file = LittleFS.open(FILE_MQTT_KEY, (char*) "r");
+						mqttSecureClient->loadPrivateKey(file, file.size());
+						file.close();
+					#endif
+				}
+
 				LittleFS.end();
 			} else {
 				if(debugger->isActive(RemoteDebug::INFO)) debugger->printf_P(PSTR("CA verification disabled\n"));