[Ovmsdev] Time for release 3.2.016?

Stephen Casner casner at acm.org
Wed Feb 24 03:57:27 HKT 2021


Michael,

> Second is, the Mongoose/wolfSSL version doesn't validate CA certs the mbedTLS
> version has no issues with:
>
> I (340220) ovms-server-v2: Connection is ovms.dexters-web.de:6870 TEST1
> E (340670) ovms-server-v2: mg_connect(ovms.dexters-web.de:6870) failed:
> Invalid SSL CA cert
> E (340670) ovms-server-v2: Status: Error: Connection failed

The problem here is that some modifications are needed analogous to
the change that Mark made in mongoose.c in 58942ce9 for MBEDTLS to
accept a directly embedded PEM certificate chain.  As the code stands,
we are giving wolfssl the PEM certificate chain as a char* argument
that it then tries to interpert as a filename.  I have not yet
determined whether wolfssl includes an alternative function to accept
the cert chain directly or if I will need to add one.

                                                        -- Steve


More information about the OvmsDev mailing list