ESP8266 secure client without checking fingerprint/certificate

I’m working on a mailbox notifier for a friend, and have test code that actually works using IFTTT. But it makes an HTTP connection. While that works for the moment, I think the time will come when it will have to be a secure connection. So I would like to go ahead and make that change now.

But I really don’t want to bother with checking IFTTT’s certificate or a fingerprint thereof since those things would probably require periodic changes to the firmware. Is there a way to make an HTTPS connection to IFTTT, then transmit the encrypted GET instruction (or even in the clear if IFTTT permits that), but not check for authentication of IFTTT. I’m willing to take my chances that nobody is spoofing IFTTT.

If someone could suggest how this could be done, or point me to an example, that would be great.

Here’s the test code at this point, and as I said, it works fine when it’s able to connect to the router, which it does most of the time. And by the way, what is this “BearSSL” thing?

#include <ESP8266WiFi.h>
#define ssid "DATACENTER"
#define password "password"
#define eventname "MailboxOpened"
#define eventkey "thekeyforthemailbox..."
const int port = 80;

const char* resource = "/trigger/" eventname "/with/key/" eventkey;
const char* server = "maker.ifttt.com";

void setup() {
  Serial.begin(74880);
  while(!Serial) {
  }
  delay(5000);

  connectToWifi();

  makeIFTTTRequest();

  //now sending board to sleep
  Serial.println("deepsleepnow ");
  ESP.deepSleep(0);
}

void loop(){
  //if deep sleep is working, this code will never run.
  Serial.println("This shouldn't get printed");
}

void connectToWifi() {
  Serial.print("Connecting to: ");
  Serial.println(ssid);
  WiFi.begin(ssid, password);
  Serial.print("Attempting to connect: ");

  //try to connect for 10 seconds
  int i = 11;
  while((WiFi.status() != WL_CONNECTED) && (i-- > 0)) {
    delay(1000);
    Serial.print(i);
    Serial.print(", ");
  }
  Serial.println();
  //print connection result
  if(WiFi.status() == WL_CONNECTED){
    Serial.println("Connected.");
    Serial.print("D1 Mini IP address: ");
    Serial.println(WiFi.localIP());
  }
  else {
    Serial.println("Connection failed - check your credentials or connection");
    Serial.println("deepsleepnow ");
    ESP.deepSleep(0);
  }
}

// Make an HTTP request to the IFTTT web service

void makeIFTTTRequest() {
 Serial.print("Connecting to ");
 Serial.print(server);

 WiFiClient client;
 int retries = 5;
 while(!client.connect(server, port) && (retries-- > 0)) {
   Serial.print(".");
   delay(1000);
 }
 Serial.println();
 if(!client.connected()) {
    Serial.println("Failed to connect, going back to sleep");
    client.stop();
    return;
 }
 Serial.print("Request resource: ");
 Serial.println(resource);
 client.print(String("GET ") + resource +
                 " HTTP/1.1\r\n" +
                 "Host: " + server + "\r\n" +
                 "Connection: close\r\n\r\n");

 int timeout = 5 * 10; // 5 seconds
 while(!client.available() && (timeout-- > 0)){
   delay(100);
 }

 if(!client.available()) {
    Serial.println("No response, going back to sleep");
    client.stop();
    return;
 }
 while(client.available()){
   Serial.write(client.read());
 }
 Serial.println("\nclosing connection");
 delay(1000);
 client.stop();
}

Well I found something that works. Here’s the new version:

#include <ESP8266WiFi.h>
#define ssid "DATACENTER"
#define password "password"
#define eventname "MailboxOpened"
#define eventkey "thekeyforthemailbox..."
const int API_TIMEOUT = 15000;  //keep it long if you want to receive headers from client
const int httpsPort = 443;

const char* resource = "/trigger/" eventname "/with/key/" eventkey;
const char* server = "maker.ifttt.com";

void setup() {
  delay(5000);
  Serial.begin(74880);
  while(!Serial) { 
  }
  connectToWifi();

  makeIFTTTRequest();

  //now sending board to sleep
  WiFi.disconnect();
  Serial.println("deepsleepnow ");  
  ESP.deepSleep(0); 
}

void loop(){
  //if deep sleep is working, this code will never run.
  Serial.println("This shouldn't get printed");
} 

void connectToWifi() {
  WiFi.disconnect();
  Serial.print("Connecting to: ");
  Serial.println(ssid);
  WiFi.mode(WIFI_STA);
  WiFi.begin(ssid, password);  
  Serial.print("Attempting to connect: ");

  //try to connect for 10 seconds
  int i = 11;
  while((WiFi.status() != WL_CONNECTED) && (i-- > 0)) {
    delay(1000);
    Serial.print(i);
    Serial.print(", ");
  }
  Serial.println();
  //print connection result
  if(WiFi.status() == WL_CONNECTED){
    Serial.println("Connected."); 
    Serial.print("D1 Mini IP address: "); 
    Serial.println(WiFi.localIP());
  }
  else {
    Serial.println("Connection failed - check your credentials or connection");
    Serial.println("deepsleepnow ");  
    WiFi.disconnect();
    ESP.deepSleep(0); 
  }
}

// Make an HTTP request to the IFTTT web service

void makeIFTTTRequest() {
 Serial.print("Connecting to "); 
 Serial.print(server);

 BearSSL::WiFiClientSecure client;
 client.setInsecure();
 client.setTimeout(API_TIMEOUT);
 int retries = 6;
 while(!client.connect(server, httpsPort) && (retries-- > 0)) {
   Serial.print(".");
   delay(1000);
 }
 Serial.println();
 if(!client.connected()) {
    Serial.println("Failed to connect, going back to sleep");
    client.stop();
    return;
 }
 Serial.print("Request resource: "); 
 Serial.println(resource);
 client.print(String("GET ") + resource + 
                 " HTTP/1.1\r\n" +
                 "Host: " + server + "\r\n" + 
                 "Connection: close\r\n\r\n");

 int timeout = 5 * 10; // 5 seconds             
 while(!client.available() && (timeout-- > 0)){
   delay(100);
 }

 if(!client.available()) {
    Serial.println("No response, going back to sleep");
    client.stop();
    return;
 }
 while(client.available()){
   Serial.write(client.read());
 }
 Serial.println("\nclosing connection");
 delay(1000);
 client.stop();
}