various minor web fixes (#8885)

* httpclient: use refs - httpserver: add chunks in examples

* basic https client: update cert

* debug log: read() returning -1 is usual and means "nothing to read"

* emulation on host: SSL server has never been and is now working

* style

* move SSL server certs from examples into a single place with appropriate warnings

* web-hello-servers: make chunks bigger

* factorize template declaration

* http-client: add getString(pre-reservation)

* mock: add umm_info()

* style

* comment API in example

* style

* fix per review

Author: d-a-v

libraries/ESP8266HTTPClient/examples/BasicHttpsClient/BasicHttpsClient.ino

@@ -62,6 +62,7 @@ void loop() {
         // file found at server
         if (httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY) {
           String payload = https.getString();
+          // String payload = https.getString(1024);  // optionally pre-reserve string to avoid reallocations in chunk mode
           Serial.println(payload);
         }
       } else {

libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.cpp

@@ -107,7 +107,7 @@ bool HTTPClient::begin(WiFiClient &client, const String& host, uint16_t port, co
         _canReuse = false;
         disconnect(true);
     }
-    
+
     _client = client.clone();
 
     clear();
@@ -483,7 +483,7 @@ int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t s
         //
         redirect = false;
         if (
-            _followRedirects != HTTPC_DISABLE_FOLLOW_REDIRECTS && 
+            _followRedirects != HTTPC_DISABLE_FOLLOW_REDIRECTS &&
             redirectCount < _redirectLimit &&
             _location.length() > 0
         ) {
@@ -496,7 +496,7 @@ int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t s
                         // (the RFC require user to accept the redirection)
                         _followRedirects == HTTPC_FORCE_FOLLOW_REDIRECTS ||
                         // allow GET and HEAD methods without force
-                        !strcmp(type, "GET") || 
+                        !strcmp(type, "GET") ||
                         !strcmp(type, "HEAD")
                     ) {
                         redirectCount += 1;
@@ -631,20 +631,20 @@ WiFiClient* HTTPClient::getStreamPtr(void)
  * return all payload as String (may need lot of ram or trigger out of memory!)
  * @return String
  */
-const String& HTTPClient::getString(void)
+const String& HTTPClient::getString(int reserve)
 {
     if (_payload) {
         return *_payload;
     }
 
     _payload.reset(new StreamString());
 
-    if(_size > 0) {
-        // try to reserve needed memory
-        if(!_payload->reserve((_size + 1))) {
-            DEBUG_HTTPCLIENT("[HTTP-Client][getString] not enough memory to reserve a string! need: %d\n", (_size + 1));
-            return *_payload;
-        }
+    if (_size > 0 && _size > reserve)
+        reserve = _size;
+
+    if (reserve > 0 && !_payload->reserve(reserve)) {
+        DEBUG_HTTPCLIENT("[HTTP-Client][getString] not enough memory to reserve a string! need: %d\n", reserve);
+        return *_payload;
     }
 
     writeToStream(_payload.get());
@@ -732,30 +732,30 @@ void HTTPClient::collectHeaders(const char* headerKeys[], const size_t headerKey
     }
 }
 
-String HTTPClient::header(const char* name)
+const String& HTTPClient::header(const char* name)
 {
     for(size_t i = 0; i < _headerKeysCount; ++i) {
         if(_currentHeaders[i].key == name) {
             return _currentHeaders[i].value;
         }
     }
-    return String();
+    return emptyString;
 }
 
-String HTTPClient::header(size_t i)
+const String& HTTPClient::header(size_t i)
 {
     if(i < _headerKeysCount) {
         return _currentHeaders[i].value;
     }
-    return String();
+    return emptyString;
 }
 
-String HTTPClient::headerName(size_t i)
+const String& HTTPClient::headerName(size_t i)
 {
     if(i < _headerKeysCount) {
         return _currentHeaders[i].key;
     }
-    return String();
+    return emptyString;
 }
 
 int HTTPClient::headers()

libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.h

@@ -203,9 +203,9 @@ class HTTPClient
 
     /// Response handling
     void collectHeaders(const char* headerKeys[], const size_t headerKeysCount);
-    String header(const char* name);   // get request header value by name
-    String header(size_t i);              // get request header value by number
-    String headerName(size_t i);          // get request header name by number
+    const String& header(const char* name);   // get request header value by name
+    const String& header(size_t i);           // get request header value by number
+    const String& headerName(size_t i);       // get request header name by number
     int headers();                     // get header count
     bool hasHeader(const char* name);  // check if header exists
 
@@ -217,7 +217,13 @@ class HTTPClient
     WiFiClient* getStreamPtr(void);
     template <typename S> int writeToPrint(S* print) [[deprecated]] { return writeToStream(print); }
     template <typename S> int writeToStream(S* output);
-    const String& getString(void);
+
+    // In case of chunks = when size cannot be known in advance
+    // by the library, it might be useful to pre-reserve enough
+    // space instead of offending memory with a growing String
+    const String& getString() { return getString(0); }
+    const String& getString(int reserve);
+
     static String errorToString(int error);
 
 protected:

libraries/ESP8266WebServer/examples/HelloServer/HelloServer.ino

@@ -13,6 +13,8 @@ const char* password = STAPSK;
 
 ESP8266WebServer server(80);
 
+String bigChunk;
+
 const int led = 13;
 
 void handleRoot() {
@@ -36,6 +38,16 @@ void handleNotFound() {
   digitalWrite(led, 0);
 }
 
+void handleChunked() {
+  server.chunkedResponseModeStart(200, F("text/html"));
+
+  server.sendContent(bigChunk);
+  server.sendContent(F("chunk 2"));
+  server.sendContent(bigChunk);
+
+  server.chunkedResponseFinalize();
+}
+
 void setup(void) {
   pinMode(led, OUTPUT);
   digitalWrite(led, 0);
@@ -80,6 +92,8 @@ void setup(void) {
     server.send(200, "image/gif", gif_colored, sizeof(gif_colored));
   });
 
+  server.on("/chunks", handleChunked);
+
   server.onNotFound(handleNotFound);
 
   /////////////////////////////////////////////////////////
@@ -142,6 +156,15 @@ void setup(void) {
   // Hook examples
   /////////////////////////////////////////////////////////
 
+  // prepare chunk in ram for sending
+  constexpr int chunkLen = 4000;  // ~4KB chunk
+  bigChunk.reserve(chunkLen);
+  bigChunk = F("chunk of len ");
+  bigChunk += chunkLen;
+  String piece = F("-blah");
+  while (bigChunk.length() < chunkLen - piece.length())
+    bigChunk += piece;
+
   server.begin();
   Serial.println("HTTP server started");
 }

libraries/ESP8266WebServer/examples/HelloServerBearSSL/HelloServerBearSSL.ino

@@ -27,59 +27,10 @@ const char* password = STAPSK;
 BearSSL::ESP8266WebServerSecure server(443);
 BearSSL::ServerSessions serverCache(5);
 
-static const char serverCert[] PROGMEM = R"EOF(
------BEGIN CERTIFICATE-----
-MIIDSzCCAjMCCQD2ahcfZAwXxDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC
-VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU9yYW5nZSBDb3VudHkx
-EDAOBgNVBAoMB1ByaXZhZG8xGjAYBgNVBAMMEXNlcnZlci56bGFiZWwuY29tMR8w
-HQYJKoZIhvcNAQkBFhBlYXJsZUB6bGFiZWwuY29tMB4XDTE4MDMwNjA1NDg0NFoX
-DTE5MDMwNjA1NDg0NFowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3Rh
-dGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAPVKBwbZ+KDSl40YCDkP6y8Sv4iNGvEOZg8Y
-X7sGvf/xZH7UiCBWPFIRpNmDSaZ3yjsmFqm6sLiYSGSdrBCFqdt9NTp2r7hga6Sj
-oASSZY4B9pf+GblDy5m10KDx90BFKXdPMCLT+o76Nx9PpCvw13A848wHNG3bpBgI
-t+w/vJCX3bkRn8yEYAU6GdMbYe7v446hX3kY5UmgeJFr9xz1kq6AzYrMt/UHhNzO
-S+QckJaY0OGWvmTNspY3xCbbFtIDkCdBS8CZAw+itnofvnWWKQEXlt6otPh5njwy
-+O1t/Q+Z7OMDYQaH02IQx3188/kW3FzOY32knER1uzjmRO+jhA8CAwEAATANBgkq
-hkiG9w0BAQsFAAOCAQEAnDrROGRETB0woIcI1+acY1yRq4yAcH2/hdq2MoM+DCyM
-E8CJaOznGR9ND0ImWpTZqomHOUkOBpvu7u315blQZcLbL1LfHJGRTCHVhvVrcyEb
-fWTnRtAQdlirUm/obwXIitoz64VSbIVzcqqfg9C6ZREB9JbEX98/9Wp2gVY+31oC
-JfUvYadSYxh3nblvA4OL+iEZiW8NE3hbW6WPXxvS7Euge0uWMPc4uEcnsE0ZVG3m
-+TGimzSdeWDvGBRWZHXczC2zD4aoE5vrl+GD2i++c6yjL/otHfYyUpzUfbI2hMAA
-5tAF1D5vAAwA8nfPysumlLsIjohJZo4lgnhB++AlOg==
------END CERTIFICATE-----
-)EOF";
-
-static const char serverKey[] PROGMEM = R"EOF(
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA9UoHBtn4oNKXjRgIOQ/rLxK/iI0a8Q5mDxhfuwa9//FkftSI
-IFY8UhGk2YNJpnfKOyYWqbqwuJhIZJ2sEIWp2301OnavuGBrpKOgBJJljgH2l/4Z
-uUPLmbXQoPH3QEUpd08wItP6jvo3H0+kK/DXcDzjzAc0bdukGAi37D+8kJfduRGf
-zIRgBToZ0xth7u/jjqFfeRjlSaB4kWv3HPWSroDNisy39QeE3M5L5ByQlpjQ4Za+
-ZM2yljfEJtsW0gOQJ0FLwJkDD6K2eh++dZYpAReW3qi0+HmePDL47W39D5ns4wNh
-BofTYhDHfXzz+RbcXM5jfaScRHW7OOZE76OEDwIDAQABAoIBAQDKov5NFbNFQNR8
-djcM1O7Is6dRaqiwLeH4ZH1pZ3d9QnFwKanPdQ5eCj9yhfhJMrr5xEyCqT0nMn7T
-yEIGYDXjontfsf8WxWkH2TjvrfWBrHOIOx4LJEvFzyLsYxiMmtZXvy6YByD+Dw2M
-q2GH/24rRdI2klkozIOyazluTXU8yOsSGxHr/aOa9/sZISgLmaGOOuKI/3Zqjdhr
-eHeSqoQFt3xXa8jw01YubQUDw/4cv9rk2ytTdAoQUimiKtgtjsggpP1LTq4xcuqN
-d4jWhTcnorWpbD2cVLxrEbnSR3VuBCJEZv5axg5ZPxLEnlcId8vMtvTRb5nzzszn
-geYUWDPhAoGBAPyKVNqqwQl44oIeiuRM2FYenMt4voVaz3ExJX2JysrG0jtCPv+Y
-84R6Cv3nfITz3EZDWp5sW3OwoGr77lF7Tv9tD6BptEmgBeuca3SHIdhG2MR+tLyx
-/tkIAarxQcTGsZaSqra3gXOJCMz9h2P5dxpdU+0yeMmOEnAqgQ8qtNBfAoGBAPim
-RAtnrd0WSlCgqVGYFCvDh1kD5QTNbZc+1PcBHbVV45EmJ2fLXnlDeplIZJdYxmzu
-DMOxZBYgfeLY9exje00eZJNSj/csjJQqiRftrbvYY7m5njX1kM5K8x4HlynQTDkg
-rtKO0YZJxxmjRTbFGMegh1SLlFLRIMtehNhOgipRAoGBAPnEEpJGCS9GGLfaX0HW
-YqwiEK8Il12q57mqgsq7ag7NPwWOymHesxHV5mMh/Dw+NyBi4xAGWRh9mtrUmeqK
-iyICik773Gxo0RIqnPgd4jJWN3N3YWeynzulOIkJnSNx5BforOCTc3uCD2s2YB5X
-jx1LKoNQxLeLRN8cmpIWicf/AoGBANjRSsZTKwV9WWIDJoHyxav/vPb+8WYFp8lZ
-zaRxQbGM6nn4NiZI7OF62N3uhWB/1c7IqTK/bVHqFTuJCrCNcsgld3gLZ2QWYaMV
-kCPgaj1BjHw4AmB0+EcajfKilcqtSroJ6MfMJ6IclVOizkjbByeTsE4lxDmPCDSt
-/9MKanBxAoGAY9xo741Pn9WUxDyRplww606ccdNf/ksHWNc/Y2B5SPwxxSnIq8nO
-j01SmsCUYVFAgZVOTiiycakjYLzxlc6p8BxSVqy6LlJqn95N8OXoQ+bkwUux/ekg
-gz5JWYhbD6c38khSzJb0pNXCo3EuYAVa36kDM96k1BtWuhRS10Q1VXk=
------END RSA PRIVATE KEY-----
-)EOF";
+#define USING_INSECURE_CERTS_AND_KEYS_AND_CAS 1
+#include <ssl-tls-ca-key-cert-example.h>
 
+String bigChunk;
 
 const int led = 13;
 
@@ -104,6 +55,16 @@ void handleNotFound() {
   digitalWrite(led, 0);
 }
 
+void handleChunked() {
+  server.chunkedResponseModeStart(200, F("text/html"));
+
+  server.sendContent(bigChunk);
+  server.sendContent(F("chunk 2"));
+  server.sendContent(bigChunk);
+
+  server.chunkedResponseFinalize();
+}
+
 void setup(void) {
   pinMode(led, OUTPUT);
   digitalWrite(led, 0);
@@ -127,7 +88,7 @@ void setup(void) {
 
   if (MDNS.begin("esp8266")) { Serial.println("MDNS responder started"); }
 
-  server.getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
+  server.getServer().setRSACert(new BearSSL::X509List(server_cert), new BearSSL::PrivateKey(server_private_key));
 
   // Cache SSL sessions to accelerate the TLS handshake.
   server.getServer().setCache(&serverCache);
@@ -138,8 +99,19 @@ void setup(void) {
     server.send(200, "text/plain", "this works as well");
   });
 
+  server.on("/chunks", handleChunked);
+
   server.onNotFound(handleNotFound);
 
+  // prepare chunk in ram for sending
+  constexpr int chunkLen = 4000;  // ~4KB chunk
+  bigChunk.reserve(chunkLen);
+  bigChunk = F("chunk of len ");
+  bigChunk += chunkLen;
+  String piece = F("-blah");
+  while (bigChunk.length() < chunkLen - piece.length())
+    bigChunk += piece;
+
   server.begin();
   Serial.println("HTTPS server started");
 }

libraries/ESP8266WiFi/examples/BearSSL_Server/BearSSL_Server.ino

@@ -50,93 +50,8 @@ BearSSL::WiFiServerSecure server(443);
 
 //#define USE_EC // Enable Elliptic Curve signed cert
 
-#ifndef USE_EC
-
-// The server's private key which must be kept secret
-const char server_private_key[] PROGMEM = R"EOF(
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJblrg47vF3qlE
-NMRM7uG8QwE6v/AKpxOL+CLb/32s+dW9Psgf+oZKJgzGkYUoJdWpLitTmTZeykAs
-Sq7Iax5Rq/mGqyAc7oJAUUAupfNRU0KwkD1XqtpQWEFoiqoIqZbOZ4CRX5q8z/MN
-BH1aPVBMKaL33uwknkgJBzxwZJ2+uGKxRJt8+koj1CXgUCk5lEAEEG5kqE326MjN
-O/c4gBqulBV8AIoq6/trY3apTS7FEOiN47qh1PVzoBm/oGVwXvoZAZOj7+gGGo91
-sBC5oHJy5Y2BOcNB3opTNXQTiK3Z80b5wc3iQS+h83qAfHwhs6tfAW22WkAf+jtt
-x8KdRWFNAgMBAAECggEAPd+jFL9/d1lc/zGCNuuN9YlTgFti/bKyo2UWOCOz1AVu
-LVJyoLgQtggYFoqur1Vn2y7uaiB+/gD8U16hb7jPuGCuJjq8g4aUBfOvVmTtZ8a+
-joPQA/TcWJ+zf8xQTJbjVwWeDYmje2oZC5+cbbK1zp9fiuoz+U+RawyI+TE+700i
-ESCmsKFIHy2Ifruva8HgcPYIPpZ9zLxJj0Dii+WDs7zM9h2dzO4HfImSG/DPmgoV
-ydo9IcrUE7KoMLa8Uo7u1b2h6BnTn7GfYiMSUsYcYR3CnpDBknBWjZMwrV0uqv9q
-TbVc4QXt+c1q89HDg7BIJaOAzbCvJfgAfXUqZyqwQQKBgQD5ENFjicUzCqPw7fOy
-Q5Z8GeUbIJ5urT1MheAq7SPd2kK8TsO3hUjNC0LLNSyKPs6gsYaIiObO3wDGeZZk
-xeHBhrUVaz2nIjI7TrnCUpMDOrdxcPr4bc+ifV5YT4W3OFBWQ9chQEx3Nm3DbiX4
-fpno34AiFrJF791JkTPFj9OIUQKBgQDPCgcae1pQr77q+GL5Q2tku3RrE4cWtExf
-m8DzAb4Vxe3EhPz8bVr+71rqr/KqNfG1uKE3sT0fhB6VMTkHTOQU13jDrvpPUS3W
-Vg8cVr5/+iiyF0xb+W8LQ+GVdR5xnMPSZHUtXyURvtzT4nnTAlAtN7lEytX9BzbX
-xhltOOwGPQKBgA/Y/BnDSGLpCGlqGpl7J3YaB7PkLXCJYV8fHZZdpGyXWKu2r0lc
-F7fEQanAZmcde/RJl2/UlisPkXMPhXxAAw9XTOph+nhJ+rw/VB6DNot8DvQO5kks
-Y4vJQlmIJc/0q1fx1RxuhO8I7Y8D0TKwi4Z/wh1pKEq+6mul649kiWchAoGAWn8B
-l9uvIHGRO9eSO23ytTcSrfL9Kzln4KqN7iom0hGP2kRe6F9MVP5+ePKrWSb3Hf0z
-ysoX83ymeYPob352e32rda04EA9lv7giJrrrzbikrSNt5w3iMcRcCB4HTpW9Kmtq
-pIhgBZ+tmpf1s/vg28LtoloeqtjKagpW9tzYnekCgYAZFZ84EGqS9SHw5LELgGY4
-mQLMwbYZ6wBMA2PlqYi/17hoAVWz37mLDjtWDB4ir78QMoGbesQVtK9W/4vzmez4
-ZLKlffdL5tCtA08Gq9aond1z83Xdnh1UjtwHIJvJPc/AoCFW1r5skv/G6acAk6I2
-Zs0aiirNGTEymRX4rw26Qg==
------END PRIVATE KEY-----
-)EOF";
-
-// The server's public certificate which must be shared
-const char server_cert[] PROGMEM = R"EOF(
------BEGIN CERTIFICATE-----
-MIIDUTCCAjmgAwIBAgIJAOcfK7c3JQtnMA0GCSqGSIb3DQEBCwUAMD8xCzAJBgNV
-BAYTAkFVMQ0wCwYDVQQIDAROb25lMQ0wCwYDVQQKDAROb25lMRIwEAYDVQQDDAlF
-U1BTZXJ2ZXIwHhcNMTgwMzE0MTg1NTQ1WhcNMjkwNTMxMTg1NTQ1WjA/MQswCQYD
-VQQGEwJBVTENMAsGA1UECAwETm9uZTENMAsGA1UECgwETm9uZTESMBAGA1UEAwwJ
-RVNQU2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW5a4OO7
-xd6pRDTETO7hvEMBOr/wCqcTi/gi2/99rPnVvT7IH/qGSiYMxpGFKCXVqS4rU5k2
-XspALEquyGseUav5hqsgHO6CQFFALqXzUVNCsJA9V6raUFhBaIqqCKmWzmeAkV+a
-vM/zDQR9Wj1QTCmi997sJJ5ICQc8cGSdvrhisUSbfPpKI9Ql4FApOZRABBBuZKhN
-9ujIzTv3OIAarpQVfACKKuv7a2N2qU0uxRDojeO6odT1c6AZv6BlcF76GQGTo+/o
-BhqPdbAQuaBycuWNgTnDQd6KUzV0E4it2fNG+cHN4kEvofN6gHx8IbOrXwFttlpA
-H/o7bcfCnUVhTQIDAQABo1AwTjAdBgNVHQ4EFgQUBEk8LqgV+sMjdl/gpP1OlcNW
-14EwHwYDVR0jBBgwFoAUBEk8LqgV+sMjdl/gpP1OlcNW14EwDAYDVR0TBAUwAwEB
-/zANBgkqhkiG9w0BAQsFAAOCAQEAO1IrqW21KfzrxKmtuDSHdH5YrC3iOhiF/kaK
-xXbigdtw6KHW/pIhGiA3BY5u+d5eVuHTR5YSwIbbRvOjuoNBATAw/8f5mt5Wa+C3
-PDpLNxDys561VbCW45RMQ0x5kybvDYi0D1R/grqZ18veuFSfE6QMJ/mzvr575fje
-8r5Ou0IZOYYF8cyqG5rA4U7BYXEnH44VgwlpkF8pitPsnyUWaAYqE0KnZ0qw0Py4
-HCkfGJNlNOOamnr6KakVlocwKY0SdxcLoXSs5ogTQvTSrAOjwcm1RA0hOCXr8f/f
-UsQIIGpPVh1plR1vYNndDeBpRJSFkoJTkgAIrlFzSMwNebU0pg==
------END CERTIFICATE-----
-)EOF";
-
-#else
-const char server_cert[] PROGMEM = R"EOF(
------BEGIN CERTIFICATE-----
-MIIB0zCCAXqgAwIBAgIJALANi2eTiGD/MAoGCCqGSM49BAMCMEUxCzAJBgNVBAYT
-AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn
-aXRzIFB0eSBMdGQwHhcNMTkwNjExMjIyOTU2WhcNMjAwNjEwMjIyOTU2WjBFMQsw
-CQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExIkZ
-w7zjk6TGcScff1PAehuEGmKZTf8VfnkjyJH0IbBgZibZ+qwYGBEnkz4KpKv7TkHo
-W+j7F5EMcLcSrUIpy6NTMFEwHQYDVR0OBBYEFI6A0f+g0HyxUT6xrbVmRU79urbj
-MB8GA1UdIwQYMBaAFI6A0f+g0HyxUT6xrbVmRU79urbjMA8GA1UdEwEB/wQFMAMB
-Af8wCgYIKoZIzj0EAwIDRwAwRAIgWvy7ofQTGZMNqxUfe4gjtkU+C9AkQtaOMW2U
-5xFFSvcCICvcGrQpoi7tRTq8xsXFmr8MYWgQTpVAtj6opXMQct/l
------END CERTIFICATE-----
-)EOF";
-
-// The server's private key which must be kept secret
-const char server_private_key[] PROGMEM = R"EOF(
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIKyLR9/NT7ZdWM+2rklehveuk+jyIHJ+P8ZUQ392HOYvoAoGCCqGSM49
-AwEHoUQDQgAExIkZw7zjk6TGcScff1PAehuEGmKZTf8VfnkjyJH0IbBgZibZ+qwY
-GBEnkz4KpKv7TkHoW+j7F5EMcLcSrUIpyw==
------END EC PRIVATE KEY-----
-)EOF";
-
-#endif
+#define USING_INSECURE_CERTS_AND_KEYS_AND_CAS 1
+#include <ssl-tls-ca-key-cert-example.h>
 
 #define CACHE_SIZE 5  // Number of sessions to cache.
 #define USE_CACHE     // Enable SSL session caching.