emonTx, ESP8266 module, SSL/TLS support

I have an emonTx V3 from 2019, with a ESP8266 module added this year from the shop. It’s configured to chat with an emoncms instance that runs in a LXD container. This all works just fine.

What I don’t understand is why it needs a SHA1 fingerprint supplied to enable SSL/TLS. I’m using LetsEncrypt for certificates, so the fingerprint is going to change every 90 days. I’d much prefer to have the traffic from the 8266 to the emoncms instance be TLS protected, simply because it would mean this one container doesn’t need to have a reverse proxy configuration that’s a bit different from the rest (Caddy, the software being used to proxy from the web container to the emoncms container, auto-upgrades to https by default and requires a very small dance to not do this).

So, why is the fingerprint needed to enable TLS? :slight_smile: Is there a different sketch for the 8266 that can do TLS without needing a fingerprint?