[Ovmsdev] Urgent TLS root certificate issue (Let's Encrypt)

[Stephen Casner]

On Tue, 28 Sep 2021, Michael Balzer wrote:

> I can now confirm it's a WolfSSL issue :-(
>
> I've switched back to release 3.2.016, i.e. before changing to WolfSSL, and
> the ISRG Root X1 certificate works perfectly, just as it should.

I thought perhaps it was due to missing SHA256 since that symbol is
not in user_settings.h whereas 224, 384 and 512 are.  But that's not
it since there is no macro WOLFSSL_SHA256 (it must be the default).

> Steve, I remember you included a config option to enable using WolfSSL, but
> cannot find it now. Can you give me a pointer, or did you remove that option
> later on?

The control of whether TLS goes through MBEDTLS or wolfssl is
controlled by changes in mongoose.  See commit
b050c434142077989433d8ae5c8597b08f57eb13.

                                                        -- Steve

p.s. I'll be offline now for an hour or two.