diff --git a/docs/en/api-reference/protocols/esp_https_server.rst b/docs/en/api-reference/protocols/esp_https_server.rst index e1ac55111f..20fa05c996 100644 --- a/docs/en/api-reference/protocols/esp_https_server.rst +++ b/docs/en/api-reference/protocols/esp_https_server.rst @@ -73,7 +73,9 @@ Application Examples HTTPS Server Cert Selection Hook -------------------------------- -The ESP HTTPS Server component provides an option to set the server certification selection hook. This feature allows you to configure and use a certificate selection callback during server handshake. The callback helps to select a certificate to present to the client based on the TLS extensions supplied in the client hello message, such as ALPN and SNI. To enable this feature, please enable :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK` in the ESP HTTPS Server menuconfig. Note that you also need to enable :ref:`CONFIG_ESP_TLS_SERVER_CERT_SELECT_HOOK` from the ESP-TLS component, as this option depends on it. Please note that the ESP-TLS option is only available when Mbedtls is used as the TLS stack for ESP-TLS (default behaviour). +The ESP HTTPS Server component provides an option to set the server certification selection hook. This feature allows you to configure and use a certificate selection callback during server handshake. The callback helps to select a certificate to present to the client based on the TLS extensions supplied in the client hello message, such as ALPN and SNI. + +To enable this feature, please enable :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK` in the ESP HTTPS Server menuconfig. Please note that the ESP-TLS option is only available when Mbedtls is used as the TLS stack for ESP-TLS (default behaviour). When enabled, you can set the certificate selection callback using the :cpp:member:`httpd_ssl_config::cert_select_cb` member of the :cpp:type:`httpd_ssl_config_t` structure. diff --git a/docs/zh_CN/api-reference/protocols/esp_https_server.rst b/docs/zh_CN/api-reference/protocols/esp_https_server.rst index 9771c0afcf..eb6ba23a9b 100644 --- a/docs/zh_CN/api-reference/protocols/esp_https_server.rst +++ b/docs/zh_CN/api-reference/protocols/esp_https_server.rst @@ -70,6 +70,28 @@ ESP HTTPS 服务器在特定事件发生时,可以通过 :doc:`../system/esp_e - :example:`protocols/https_server/wss_server` 演示了如何创建一个支持多客户端的 SSL 服务器,具备简单的 WebSocket 请求处理器、PING-PONG 机制,并能够向所有客户端发送异步消息。 +HTTPS 服务器证书选择钩子 +------------------------ + +ESP HTTPS 服务器组件提供了设置服务器证书选择钩子的选项。启用此功能后,在服务器握手过程中,可以配置并使用证书选择回调函数。该回调函数会根据客户端 hello 消息中提供的 TLS 扩展(如 ALPN 和 SNI),动态选择合适的证书发送给客户端。 + +要启用此功能,请先在 ESP HTTPS 服务器的 menuconfig 中启用 :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK`。请注意,只有当 Mbedtls 被用作 ESP-TLS 的 TLS 协议栈(默认行为)时,ESP-TLS 选项才可使用。 + +启用此功能后,请使用 :cpp:type:`httpd_ssl_config_t` 结构体中的 :cpp:member:`httpd_ssl_config::cert_select_cb` 成员,设置证书选择回调函数。 + +.. code-block:: c + + int cert_selection_callback(mbedtls_ssl_context *ssl) + { + /* 回调函数应执行的代码 */ + return 0; + } + + httpd_ssl_config_t cfg = { + cert_select_cb = cert_section_callback, + }; + + API 参考 ---------