On Tue, 28 Sep 2021, Michael Balzer wrote:
I can now confirm it's a WolfSSL issue :-(
I've switched back to release 3.2.016, i.e. before changing to WolfSSL, and the ISRG Root X1 certificate works perfectly, just as it should.
I thought perhaps it was due to missing SHA256 since that symbol is not in user_settings.h whereas 224, 384 and 512 are. But that's not it since there is no macro WOLFSSL_SHA256 (it must be the default).
Steve, I remember you included a config option to enable using WolfSSL, but cannot find it now. Can you give me a pointer, or did you remove that option later on?
The control of whether TLS goes through MBEDTLS or wolfssl is controlled by changes in mongoose. See commit b050c434142077989433d8ae5c8597b08f57eb13. -- Steve p.s. I'll be offline now for an hour or two.