I would like to download a simple file from a web server with https.
I'd downloaded the certificate from server with firefox and I'd stored it with ca_cert.pem named text file. It is a correct server cert.
I tried this code:
Code: Select all
extern const uint8_t server_cert_pem_start[] asm("_binary_ca_cert_pem_start");
extern const uint8_t server_cert_pem_end[] asm("_binary_ca_cert_pem_end");
...
esp_err_t res=esp_tls_init_global_ca_store();
res=esp_tls_set_global_ca_store(server_cert_pem_start, server_cert_pem_end-server_cert_pem_start);
esp_http_client_config_t config = {
.url=UPDATE_JSON_URL,
.transport_type=HTTP_TRANSPORT_OVER_SSL,
.event_handler=http_event_handler,
.skip_cert_common_name_check=true,
.cert_pem=(char *) server_cert_pem_start
};
esp_http_client_handle_t client=esp_http_client_init(&config);
res=esp_http_client_perform(client);
E (5481) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
I (5481) esp-tls-mbedtls: Failed to verify peer certificate!
I (5501) esp-tls-mbedtls: verification info: ! The certificate is not correctly signed by the trusted CA
E (5501) esp-tls: Failed to open new connection
E (5511) TRANSPORT_BASE: Failed to open a new connection
E (5511) HTTP_CLIENT: Connection failed, sock < 0
Is there an error in my code?
thx,
Zamek