I'm running the OTA "simple example" which is based on the esp_http_client library.
Now, the documentation says, that if you do not want to verify the host, you can omit the "config.cert_pem" entry. However, when I leave this out like so:
Code: Select all
esp_http_client_config_t config;
config.url = C_ota_url.txt;
// config.cert_pem = NULL;//(char *)server_cert_pem_start;
config.event_handler = _http_event_handler;
esp_err_t ret = esp_https_ota(&config);
if (ret == ESP_OK) {
esp_restart();
} else {
ESP_LOGE(TAG, "Firmware Upgrades Failed");
ota_cancel();
}
while (1) {
vTaskDelay(1000 / portTICK_PERIOD_MS);
}
Code: Select all
E (12684) esp-tls: mbedtls_x509_crt_parse returned -0x2180
E (12684) esp-tls: Failed to open new connection
E (12684) TRANS_SSL: Failed to open a new connection
E (12694) HTTP_CLIENT: Connection failed, sock < 0
E (12694) esp_https_ota: Failed to open HTTP connection: ESP_ERR_HTTP_CONNECT
E (12704) simple_ota_example: Firmware Upgrades Failed
When I fill it in, it works. But I want to skip the SSL verification.