HTTP client without verification with ATECC enabled for TLS issue.
Posted: Fri Mar 21, 2025 10:51 am
I am using ESP-IDF 4.2.1 with ATECC enabled for TLS. In my code, I use ATECC for establishing a TLS connection with a certificate. Now, I want to add an HTTP request to an HTTPS endpoint without certification verification. Below is the code I am using:
The issue I’m facing is that if I don’t perform a soft reset on the ATECC after deinitializing the HTTP client, or if I only use the ATECC semaphore for esp_http_client_perform(), I get a certificate verification error. It appears that the ATECC retains the client’s settings until it is reinitialized. If I use it for TLS before a soft reset or deinit, it seems to inherit the previous client configuration, causing certificate verification to be skipped.
Is this expected behavior, or could it be a bug?
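Code:

    #include "esp_http_client.h"
    #include "esp_log.h"
    #include "cryptoauthlib.h"

    /* url, http_event_handler, take_atecc_sem() and release_atecc_sem()
       are defined elsewhere in the project (not shown in the post). */
    void test()
    {
        esp_http_client_config_t config = {
            .url = url,
            .cert_pem = NULL,                    /* no server CA certificate supplied */
            .event_handler = http_event_handler,
            .transport_type = HTTP_TRANSPORT_OVER_SSL,
            .use_global_ca_store = false,
            .skip_cert_common_name_check = true, /* skips only the common-name check */
        };

        /* Hold the ATECC semaphore for the whole client lifetime. */
        take_atecc_sem();
        esp_http_client_handle_t client = esp_http_client_init(&config);
        if (client == NULL)
        {
            ESP_LOGE("HTTP", "Failed to initialize client");
            release_atecc_sem(); /* do not leave the semaphore held on the error path */
            return;
        }

        esp_err_t err = esp_http_client_perform(client);
        if (err == ESP_OK) {
            ESP_LOGI("HTTP", "HTTPS request successful, Status = %d", esp_http_client_get_status_code(client));
        } else {
            ESP_LOGE("HTTP", "HTTP request failed: %s", esp_err_to_name(err));
        }
        esp_http_client_cleanup(client);

        /* Soft reset of the ATECC before the semaphore is released. */
        atcab_release();
        atcab_init(&cfg_ateccx08a_i2c_default);
        release_atecc_sem();
    }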