Use TLS encryption and authentication

[fschwebel]

This project looks interesting but it is stated that authentication of flows is made using HTTP basic. It would be ideal to encrypt and authenticate servers-controller communication using TLS with mutual auth, and client-controller with TLS.

[knrdl]

That's a really important point. But I'm sorry, currently it is not planned to include TLS directly into the application. As mentioned in the description the project is thought for small, private networks. I use it for example to monitor my raspberry pi's (and similar devices) in my home network.

However it should not be very complicated to install nginx- or apache-webserver with TLS on server-and controller-host-machine and use them as reverse proxy. So client-server-communication will be done via TLS up to the webserver and unencrypted only on internal machine when passing the request to the yamot-service.

This should work for the server (when serving measurement-data) as well as for the controller (when serving the client-files).

Maybe you could figure out a working configuration which would be a great enhancement for the project
: )