From 3e678972311b4b01a979702759d8c332f33069af Mon Sep 17 00:00:00 2001
From: hkspks <44447229+hkspks@users.noreply.github.com>
Date: Mon, 20 Apr 2026 15:07:56 +0200
Subject: [PATCH 1/2] Update TLS.md

Added instructions to reset the TLS fingerprint - a common issue, if the fingerprint changes due to server reconfiguration.
---
 docs/TLS.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/TLS.md b/docs/TLS.md
index aaf7117407..cbefca703f 100644
--- a/docs/TLS.md
+++ b/docs/TLS.md
@@ -34,6 +34,13 @@ or
 #define MQTT_FINGERPRINT2      0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
 ```
 
+The fingerprint may change after the MQTT server is reconfigured. To fix connection problems, you can clear the stored fingerprint and tell Tasmota to relearn the fingerprint automatically on the next connection.
+```
+MqttFingerprint1 00
+MqttFingerprint2 00
+```
+Only do this if you are sure the changed fingerprint does not indicate a security problem.
+
 #### Option 2: Disable Fingerprint
 You can completely disable server fingerprint validation, which means that Tasmota will not check the server's identity. This also means that your traffic can possibly be intercepted and read/changed, so this option should only be used on trusted networks, i.e. with an MQTT on your local network. **YOU HAVE BEEN WARNED!**
 

From 72d1e0251767c0fc40e99a810025e239c3b370cd Mon Sep 17 00:00:00 2001
From: hkspks <44447229+hkspks@users.noreply.github.com>
Date: Tue, 21 Apr 2026 08:06:23 +0200
Subject: [PATCH 2/2] Update TLS.md

Added the note, only to clear one fingerprint at a time
---
 docs/TLS.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/TLS.md b/docs/TLS.md
index cbefca703f..adb511000b 100644
--- a/docs/TLS.md
+++ b/docs/TLS.md
@@ -34,10 +34,9 @@ or
 #define MQTT_FINGERPRINT2      0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
 ```
 
-The fingerprint may change after the MQTT server is reconfigured. To fix connection problems, you can clear the stored fingerprint and tell Tasmota to relearn the fingerprint automatically on the next connection.
+The fingerprint may change after the MQTT server is reconfigured. To fix connection problems, you can clear *one* of the stored fingerprints and tell Tasmota to relearn the fingerprint automatically on the next connection. It is important only to clear *one* of the two stored fingerprints in order to avoid to make the device vulnerable. The console command for clearing Fingerprint1 is (for Fingerprint2 just swap the number):
 ```
 MqttFingerprint1 00
-MqttFingerprint2 00
 ```
 Only do this if you are sure the changed fingerprint does not indicate a security problem.