From 4167b60991a41de3e28188cf74af5ccd4361bc62 Mon Sep 17 00:00:00 2001
From: Alexandre B
Date: Thu, 4 Jul 2024 00:41:38 -0400
Subject: [PATCH] .
---
ESP32_Temperture-Node/README.md | 64 ++++++++++++++++++---------------
1 file changed, 36 insertions(+), 28 deletions(-)
diff --git a/ESP32_Temperture-Node/README.md b/ESP32_Temperture-Node/README.md
index 1bfc9e3e..3f6d217d 100644
--- a/ESP32_Temperture-Node/README.md
+++ b/ESP32_Temperture-Node/README.md
@@ -98,42 +98,50 @@ static const char NODE_CERT_PRIVATE [] PROGMEM = R"EOF(

It is easier to generate SSL Certificates and Keys on Linux since it already comes with neccessary tools.

### Certificate generator for TLS encryption
-#################################################################
-openssl req -new -x509 -days 365 -extensions v3_ca -keyout ca.key -out ca.crt -passout pass:1234 -subj '/CN=TrustedCA.net'
-#If you generating self-signed certificates the CN can be anything
+```text
+# openssl req -new -x509 -days 365 -extensions v3_ca -keyout ca.key -out ca.crt -passout pass:1234 -subj '/CN=TrustedCA.net'
+```
-openssl genrsa -out mosquitto.key 2048
-openssl req -out mosquitto.csr -key mosquitto.key -new -subj '/CN=Mosquitto_borker_adress'
-openssl x509 -req -in mosquitto.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out mosquitto.crt -days 365 -passin pass:1234
-#Mostly the client verifies the adress of the mosquitto server, so its necessary to set the CN to the correct adress (eg. yourserver.com)!!!
+> [!NOTE]
+> If you generating self-signed certificates the CN can be anything.
+```text
+# openssl genrsa -out mosquitto.key 2048
+# openssl req -out mosquitto.csr -key mosquitto.key -new -subj '/CN=Mosquitto_borker_adress'
+# openssl x509 -req -in mosquitto.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out mosquitto.crt -days 365 -passin pass:1234
+```
-#################################################################
-#These certificates are only needed if the mosquitto broker requires a certificate for client autentithication (require_certificate is set to true in mosquitto config)
-#################################################################
-openssl genrsa -out esp.key 2048
-openssl req -out esp.csr -key esp.key -new -subj '/CN=localhost'
-openssl x509 -req -in esp.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out esp.crt -days 365 -passin pass:1234
-#If the server (mosquitto) identifies the clients based on CN key, its necessary to set it to the correct value, else it can be blank. See the Mosquitto config.
+> [!NOTE]
+> Mostly, the client verifies the adress of the mosquitto server, so its necessary to set the CN to the correct adress (eg. yourserver.com)!!!
-==========================
+

These certificates are only needed if the mosquitto broker requires a certificate for client autentithication (require_certificate is set to true in mosquitto config)

-openssl req -new -x509 -days 365 -extensions v3_ca -keyout ca.key -out ca.crt -passout pass:1234 -subj '/CN=myserver.dynamic-dns.net'
+```text
+# openssl genrsa -out esp.key 2048
+# openssl req -out esp.csr -key esp.key -new -subj '/CN=localhost'
+# openssl x509 -req -in esp.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out esp.crt -days 365 -passin pass:1234
+```
-openssl genrsa -out mosquitto.key 2048
-openssl req -out mosquitto.csr -key mosquitto.key -new -subj '/CN=localhost'
-openssl x509 -req -in mosquitto.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out mosquitto.crt -days 365 -passin pass:1234
+> [!NOTE]
+> If the server (mosquitto) identifies the clients based on CN key, its necessary to set it to the correct value, or else it can be blank. See the Mosquitto config.
-openssl genrsa -out esp.key 2048
-openssl req -out esp.csr -key esp.key -new -subj '/CN=localhost'
-openssl x509 -req -in esp.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out esp.crt -days 365 -passin pass:1234
+```text
+# openssl req -new -x509 -days 365 -extensions v3_ca -keyout ca.key -out ca.crt -passout pass:1234 -subj '/CN=myserver.dynamic-dns.net'
-openssl genrsa -out esp32.key 2048
-openssl req -new -x509 -days 365 -extensions v3_ca -keyout esp32_ca.key -out esp32_ca.crt -passout pass:1234 -subj '/CN=10.100.50.16'
-openssl req -out esp32.csr -key esp32.key -new -subj '/CN=10.100.50.16'
+# openssl genrsa -out mosquitto.key 2048
+# openssl req -out mosquitto.csr -key mosquitto.key -new -subj '/CN=localhost'
+# openssl x509 -req -in mosquitto.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out mosquitto.crt -days 365 -passin pass:1234
-openssl genrsa -out esp_node.key 2048
-openssl req -out esp_node.csr -key esp_node.key -new -subj '/CN=localhost'
-openssl x509 -req -in esp32.csr -CA esp32_ca.crt -CAkey esp32_ca.key -CAcreateserial -out esp_node.crt -days 365 -passin pass:1234
+# openssl genrsa -out esp.key 2048
+# openssl req -out esp.csr -key esp.key -new -subj '/CN=localhost'
+# openssl x509 -req -in esp.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out esp.crt -days 365 -passin pass:1234
+
+# openssl genrsa -out esp32.key 2048
+# openssl req -new -x509 -days 365 -extensions v3_ca -keyout esp32_ca.key -out esp32_ca.crt -passout pass:1234 -subj '/CN=192.168.50.16'
+# openssl req -out esp32.csr -key esp32.key -new -subj '/CN=192.168.50.16'
+
+# openssl genrsa -out esp_node.key 2048
+# openssl req -out esp_node.csr -key esp_node.key -new -subj '/CN=localhost'
+# openssl x509 -req -in esp32.csr -CA esp32_ca.crt -CAkey esp32_ca.key -CAcreateserial -out esp_node.crt -days 365 -passin pass:1234
```
\ No newline at end of file