I would like to download bitmaps through https without the need for preloaded certs.
The goal is to use a general solution for GxEPD2_WiFi_Example for ESP8266 and ESP32.
Browsers like Microsoft Edge or Mozilla Firefox can do this. With Firefox I found out how to get the certificate chain. But certificates have expiration dates, and thus need to be updated.
Using setInsecure() on WiFiClientSecure no longer works for all cases.
So far, I found these examples to learn from: WiFiClientShowPeerCredentials and BearSSL_Validation for ESP32 andESP8266.
For WiFiClientShowPeerCredentials I had to add a preloaded certificate to get it working, and it got me no further (with some additions).
With BearSSL_Validation I found out how you can use a root certificate, but there doesn't seem to be a common root for all sites.
I intend to add more to this post, but any hints would be highly welcome.
Jean-Marc