Secure communication between hub and raspberry pi

Hello,

I’m currently researching for a way to establish secure/encrypted communication between my ST hub and a raspberry pi on my LAN. I’m doing this under the assumption that my LAN is not secure (it is, but it’s a fun challenge to build another layer of protection between the two devices).

I tried to use HTTPS for communication, but ST does not allow self-signed certificates and would throw a security exception. On the other hand I also cannot get a legit certificate (say from let’s encrypt) for my non-publicly accessible, LAN only pi server. I guess I could use DDNS and port forwarding to make it publicly accessible but that would really be the last resort.

Next I thought about maybe encrypting the messages before sending them over plain-text HTTP. However I don’t think the ST platform has any crypto libraries, which makes encryption very difficult.

Annnd I’m out of ideas. Is there a protocol besides HTTP/REST that I can use for secure LAN communication? Any help would be greatly appreciated!

PI’s accept SSH…not sure if the hub does.