test1

code/components/jomjol_flowcontroll/ClassFlowMQTT.cpp

@@ -114,7 +114,15 @@ bool ClassFlowMQTT::ReadParameter(FILE* pfile, string& aktparamgraph)
         }
         if ((toUpper(_param) == "VALIDATESERVERCERT") && (splitted.size() > 1))
         {
-            validateServerCert = alphanumericToBoolean(splitted[1]);
+            bool _validateServerCert = alphanumericToBoolean(splitted[1]);
+            if (_validateServerCert == true)
+            {
+                validateServerCert = false;
+            }
+            else
+            {
+                validateServerCert = true;
+            }
         }  
         if ((toUpper(_param) == "CLIENTCERT") && (splitted.size() > 1))
         {

param-docs/parameter-pages/MQTT/ValidateServerCert.md

@@ -7,11 +7,12 @@ Default Value: `true`
 
 Enable or disable the validation of the server certificate.
 
-If `enabled (true)`, the certificate sent by the server is validated using the configured [Root CA Certificate file](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-cacert).\
-The server name in [uri](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-uri) is compared with the CN field of the server certificate. A connection will be only established if these match.\
+If `enabled (true)`, the certificate sent by the server is validated using the configured [Root CA Certificate file](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-cacert).<br>
+The server name in [uri](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-uri) is compared with the CN field of the server certificate.<br>
+A connection will be only established if these match.<br>
 It ensures the origin of the server.
 
-If `disabled (false)`, only the validity of the certificate (e.g. expiry) is checked, not the origin (CN field).\
+If `disabled (false)`, only the validity of the certificate (e.g. expiry) is checked, not the origin (CN field).<br>
 If you use public brokers, make sure to set this parameter to "enabled", to avoid potential MITM-Attacks!
 
 !!! Note

sd-card/html/edit_config_template.html

@@ -2366,7 +2366,7 @@ function UpdateInput() {
     WriteParameter(param, category, "MQTT", "CACert", true);
     WriteParameter(param, category, "MQTT", "ClientCert", true);
     WriteParameter(param, category, "MQTT", "ClientKey", true);
-    WriteParameter(param, category, "MQTT", "ValidateServerCert", false);
+    WriteParameter(param, category, "MQTT", "ValidateServerCert", true);
     WriteParameter(param, category, "MQTT", "DomoticzTopicIn", true);
     
     WriteParameter(param, category, "InfluxDB", "Uri", true);	
@@ -2535,7 +2535,7 @@ function ReadParameterAll() {
     ReadParameter(param, "MQTT", "CACert", true);
     ReadParameter(param, "MQTT", "ClientCert", true);
     ReadParameter(param, "MQTT", "ClientKey", true);
-    ReadParameter(param, "MQTT", "ValidateServerCert", false);
+    ReadParameter(param, "MQTT", "ValidateServerCert", true);
     ReadParameter(param, "MQTT", "DomoticzTopicIn", true);
 
     ReadParameter(param, "InfluxDB", "Uri", true);