feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

fix: Force validate when using the default crt bundle

Browse Source
This commit is contained in:
Michael Stoll
2025-03-03 18:10:54 +01:00
committed by Kapil Gupta
parent dbb1715325
commit ef0ab70bd2
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
components/wpa_supplicant/esp_supplicant/src/crypto/tls_mbedtls.c
View File

@@ -536,6 +536,7 @@ static int set_client_config(const struct tls_connection_params *cfg, tls_contex
#ifdef CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
if (cfg->flags & TLS_CONN_USE_DEFAULT_CERT_BUNDLE) {
mbedtls_ssl_conf_authmode(&tls->conf, MBEDTLS_SSL_VERIFY_REQUIRED);
wpa_printf(MSG_INFO, "Using default cert bundle");
if (esp_crt_bundle_attach_fn) {
ret = (*esp_crt_bundle_attach_fn)(&tls->conf);