arduino-esp32

History

kliment 7a92f89d12 Set TLS cert options before calling connect on client, so verify works (#3774 ) When connecting using transportTraits, the CA and client certificates are ignored after the initial _client->connect() is called. This is because on connect, WiFiClientSecure will call start_ssl_client with _CA_Cert and other cert options set to null unless setCACert, setCertificate etc. are called before connect. Running _transportTraits->verify after connect therefore does exactly nothing. It's easy to verify that this is the case by passing a CACert to HTTPClient with verbose logging enabled - the logs will say "WARNING: Use certificates for a more secure communication!" which is only present when both PSK and CA are null. This change fixes the issue.	2020-09-30 14:41:03 +03:00
..
HTTPClient.cpp	Set TLS cert options before calling connect on client, so verify works (#3774 )	2020-09-30 14:41:03 +03:00
HTTPClient.h	Bugfix/http client (#2867 )	2019-08-20 17:18:09 +03:00

Set TLS cert options before calling connect on client, so verify works (#3774 )

When connecting using transportTraits, the CA and client certificates are ignored after the initial _client->connect() is called. This is because on connect, WiFiClientSecure will call start_ssl_client with _CA_Cert and other cert options set to null unless setCACert, setCertificate etc. are called before connect. Running _transportTraits->verify after connect therefore does exactly nothing. It's easy to verify that this is the case by passing a CACert to HTTPClient with verbose logging enabled - the logs will say "WARNING: Use certificates for a more secure communication!" which is only present when both PSK and CA are null. This change fixes the issue.

2020-09-30 14:41:03 +03:00

HTTPClient.cpp

Set TLS cert options before calling connect on client, so verify works (#3774 )

2020-09-30 14:41:03 +03:00

HTTPClient.h

Bugfix/http client (#2867 )

2019-08-20 17:18:09 +03:00