From 7726102bfb2c8897573de0a8085dc524e659e62a Mon Sep 17 00:00:00 2001 From: Jitin George Date: Wed, 12 Jun 2019 14:12:59 +0530 Subject: [PATCH] esp_http_client: Add support to disable validation of certificate's CN field --- components/esp_http_client/esp_http_client.c | 4 ++++ components/esp_http_client/include/esp_http_client.h | 1 + 2 files changed, 5 insertions(+) diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c index b96bcd87c..d77a07feb 100644 --- a/components/esp_http_client/esp_http_client.c +++ b/components/esp_http_client/esp_http_client.c @@ -506,6 +506,10 @@ esp_http_client_handle_t esp_http_client_init(const esp_http_client_config_t *co if (config->client_key_pem) { esp_transport_ssl_set_client_key_data(ssl, config->client_key_pem, strlen(config->client_key_pem)); } + + if (config->skip_cert_common_name_check) { + esp_transport_ssl_skip_common_name_check(ssl); + } #endif if (_set_config(client, config) != ESP_OK) { diff --git a/components/esp_http_client/include/esp_http_client.h b/components/esp_http_client/include/esp_http_client.h index 8ece63607..75c74e4d7 100644 --- a/components/esp_http_client/include/esp_http_client.h +++ b/components/esp_http_client/include/esp_http_client.h @@ -118,6 +118,7 @@ typedef struct { void *user_data; /*!< HTTP user_data context */ bool is_async; /*!< Set asynchronous mode, only supported with HTTPS for now */ bool use_global_ca_store; /*!< Use a global ca_store for all the connections in which this bool is set. */ + bool skip_cert_common_name_check; /*!< Skip any validation of server certificate CN field */ } esp_http_client_config_t; /**