espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2026-05-03 19:41:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

docs: Add section for server verification (esp_https_ota)

Browse Source 
- Updated OTA example README
This commit is contained in:
Laukik Hase
2022-04-26 18:04:56 +05:30
parent f38e6cb4fa
commit 1a7eac2d69
3 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/en/api-reference/protocols/esp_tls.rst
+2
View File
@@ -40,6 +40,8 @@ The ESP-TLS component has a file :component_file:`esp-tls/esp_tls.h` which cont
of the two SSL/TLS Libraries between mbedtls and wolfssl for its operation. API specific to mbedtls are present in :component_file:`esp-tls/private_include/esp_tls_mbedtls.h` and API
specific to wolfssl are present in :component_file:`esp-tls/private_include/esp_tls_wolfssl.h`.
.. _esp_tls_server_verification:
TLS Server verification
-----------------------
docs/en/api-reference/system/esp_https_ota.rst
+8
View File
@@ -32,6 +32,14 @@ Application Example
return ESP_OK;
}
Server Verification
-------------------
Please refer to :ref:`ESP-TLS: TLS Server Verification <esp_tls_server_verification>` for more information on server verification. The root certificate (in PEM format) needs to be provided to the :cpp:member:`esp_http_client_config_t::cert_pem` member.
.. note:: The server-endpoint **root** certificate should be used for verification instead of any intermediate ones from the certificate chain. The reason being that the root certificate has the maximum validity and usually remains the same for a long period of time. Users can also use the ``ESP x509 Certificate Bundle`` feature for verification, which covers most of the trusted root certificates (using the :cpp:member:`esp_http_client_config_t::crt_bundle_attach` member).
Partial Image Download over HTTPS
---------------------------------