
Update ModbusTLS.h #360

Open: wants to merge 2 commits into master

Conversation

smilexs4

Issue

When using a hostname to connect to a TLS secured Modbus server, the hostname is resolved into an IP address by the library, which mismatches the server's subject CN field (hostname) and causes a handshake error.

Solution

Pass host to WiFiClientSecure->connect without resolving it to an IPAddress.

Before the changes:

[1703416][V][ssl_client.cpp:62] start_ssl_client(): Free internal heap before TLS 252728
[1703416][V][ssl_client.cpp:68] start_ssl_client(): Starting socket
[1703465][V][ssl_client.cpp:146] start_ssl_client(): Seeding the random number generator
[1703466][V][ssl_client.cpp:155] start_ssl_client(): Setting up the SSL/TLS structure...
[1703470][V][ssl_client.cpp:178] start_ssl_client(): Loading CA cert
[1703479][V][ssl_client.cpp:234] start_ssl_client(): Loading CRT cert
[1703484][V][ssl_client.cpp:243] start_ssl_client(): Loading private key
[1703493][V][ssl_client.cpp:254] start_ssl_client(): Setting hostname for TLS session...
[1703496][V][ssl_client.cpp:269] start_ssl_client(): Performing the SSL/TLS handshake...
[1703575][E][ssl_client.cpp:37] _handle_error(): [start_ssl_client():273]: (-9984) X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
[1703578][E][WiFiClientSecure.cpp:144] connect(): start_ssl_client: -9984
[1703586][V][ssl_client.cpp:321] stop_ssl_socket(): Cleaning SSL connection

After the changes:

[  5613][V][ssl_client.cpp:62] start_ssl_client(): Free internal heap before TLS 212840
[  5620][V][ssl_client.cpp:68] start_ssl_client(): Starting socket
[  5678][V][ssl_client.cpp:146] start_ssl_client(): Seeding the random number generator
[  5678][V][ssl_client.cpp:155] start_ssl_client(): Setting up the SSL/TLS structure...
[  5682][V][ssl_client.cpp:178] start_ssl_client(): Loading CA cert
[  5691][V][ssl_client.cpp:234] start_ssl_client(): Loading CRT cert
[  5697][V][ssl_client.cpp:243] start_ssl_client(): Loading private key
[  5705][V][ssl_client.cpp:254] start_ssl_client(): Setting hostname for TLS session...
[  5708][V][ssl_client.cpp:269] start_ssl_client(): Performing the SSL/TLS handshake...
[  5716][D][ssl_client.cpp:282] start_ssl_client(): Protocol is TLSv1.2 Ciphersuite is TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
[  5727][D][ssl_client.cpp:284] start_ssl_client(): Record expansion is 29
[  5733][V][ssl_client.cpp:290] start_ssl_client(): Verifying peer X.509 certificate...
[  5741][V][ssl_client.cpp:298] start_ssl_client(): Certificate verified.
[  5748][V][ssl_client.cpp:313] start_ssl_client(): Free internal heap after TLS 176132

cert.cmd used to generate certificates on Windows:

set OPATH=D:\programs\OpenSSL-Win64\bin

:: CN is not verified for the CA so it doesn't matter
"%OPATH%\openssl" req -new -x509 -nodes -days 365 -extensions v3_ca -keyout ca.key -out ca.crt -subj "/CN=TrustedCA.net"

:: CN is verified for the server so it must be the same as the connection host
"%OPATH%\openssl" genrsa -out server.key 2048
"%OPATH%\openssl" req -out server.csr -key server.key -new -subj "/CN=yourdomain.com"
"%OPATH%\openssl" x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 365

"%OPATH%\openssl" genrsa -out client.key 2048
"%OPATH%\openssl" req -out client.csr -key client.key -new -subj "/CN=client"
"%OPATH%\openssl" x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 365

Tested on ESP32 Dev Module
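An added illustration, not part of this PR or the library, of the name-matching rule behind the -9984 error above (mbedTLS MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): the pre-fix code handed the resolved IP literal to connect(), so the peer name checked during verification was an IP, which the cert.cmd server certificate (CN=yourdomain.com, no SAN extension) can never satisfy. The model follows the general RFC 6125 rule rather than the exact mbedTLS code path, and goes beyond the page's certificate by also handling dNSName and iPAddress SAN entries; the certificate fields and the IP 203.0.113.5 are constructed.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Cert:
    """Constructed model of the identity fields a TLS client checks."""
    cn: str                                   # subject CN (legacy fallback only)
    dns_sans: list = field(default_factory=list)   # subjectAltName dNSName entries
    ip_sans: list = field(default_factory=list)    # subjectAltName iPAddress entries


def _dns_match(pattern: str, host: str) -> bool:
    """Case-insensitive label match; '*' allowed only as the whole left-most label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    p_labels, h_labels = pattern.split("."), host.split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # Wildcard must not cover a public suffix, so require at least three labels.
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def identity_matches(cert: Cert, target: str) -> bool:
    """Would verification of `cert` succeed for the string the client connected to?"""
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # The client presented an IP literal (the pre-fix behaviour): only an
        # iPAddress SAN can satisfy it; a hostname in the CN never will.
        return any(ipaddress.ip_address(s) == ip for s in cert.ip_sans)
    if cert.dns_sans:
        return any(_dns_match(p, target) for p in cert.dns_sans)
    return _dns_match(cert.cn, target)  # no SAN extension: fall back to the CN


def demo() -> dict:
    """Reproduce the before/after outcome for the certificate generated by cert.cmd."""
    server = Cert(cn="yourdomain.com")          # as produced by cert.cmd, no SANs
    resolved_ip = "203.0.113.5"                 # constructed: what connect() used to get
    return {
        "before_fix": identity_matches(server, resolved_ip),       # False -> -9984
        "after_fix": identity_matches(server, "yourdomain.com"),   # True
    }


if __name__ == "__main__":
    print(demo())
```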

smilexs4 added 2 commits July 25, 2024 22:41
Pass host to WiFiClientSecure->connect() without converting it to IPAddress in order to avoid TLS error in case the server certificate has a hostname in its CN subject field.