Chapter 2. API Reference
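• skip server verification: This is an insecure option provided in the ESP-TLS for testing purpose.
The option can be set by enabling CONFIG_ESP_TLS_INSECURE and CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY
in the ESP-TLS menuconfig. When this option is enabled the ESP-TLS will skip server verification by default
when no other options for server verification are selected in the esp_tls_cfg_t structure.
WARNING: Enabling this option comes with a potential risk of establishing a TLS connection with a server
which has a fake identity, provided that the server certificate is not provided either through API or
other mechanism like ca_store etc.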
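A build-time check for the two options named above, as an added example (not part of the ESP-IDF documentation or tooling). It assumes the project's generated sdkconfig uses the standard Kconfig output lines (CONFIG_X=y and "# CONFIG_X is not set"); the function names and sample inputs are constructed for illustration.

```python
import re
import sys

# The two Kconfig options named in the text above.
INSECURE = "CONFIG_ESP_TLS_INSECURE"
SKIP_VERIFY = "CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY"
_SET = re.compile(r"^(CONFIG_\w+)=(.*)$")
_UNSET = re.compile(r"^# (CONFIG_\w+) is not set$")

# Constructed sample inputs (not taken from any real project).
SAMPLE_TEST_BUILD = """\
CONFIG_ESP_TLS_INSECURE=y
CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY=y
"""
SAMPLE_RELEASE_BUILD = """\
CONFIG_ESP_TLS_USING_MBEDTLS=y
# CONFIG_ESP_TLS_INSECURE is not set
"""


def parse_sdkconfig(text):
    """Map option -> value; '# CONFIG_X is not set' becomes 'n'. Later lines win."""
    opts = {}
    for line in map(str.strip, text.splitlines()):
        m = _SET.match(line)
        if m:
            opts[m.group(1)] = m.group(2).strip('"')
        elif (m := _UNSET.match(line)):
            opts[m.group(1)] = "n"
    return opts


def audit(text):
    """Return findings; an empty list means the config does not skip verification."""
    opts = parse_sdkconfig(text)
    insecure = opts.get(INSECURE, "n") == "y"
    skip = opts.get(SKIP_VERIFY, "n") == "y"
    if insecure and skip:
        return [f"FAIL: {INSECURE} and {SKIP_VERIFY} are both enabled"]
    if insecure or skip:
        return [f"WARN: {INSECURE if insecure else SKIP_VERIFY} is enabled on its own"]
    return []


if __name__ == "__main__":
    with open(sys.argv[1] if len(sys.argv) > 1 else "sdkconfig") as fh:
        findings = audit(fh.read())
    print("\n".join(findings) or "OK: server verification is not skipped by config")
    sys.exit(1 if any(f.startswith("FAIL") for f in findings) else 0)
```

A FAIL means the build permits skipping, not that every connection skips it: per the text above, verification is skipped only when no other server verification option is selected in esp_tls_cfg_t.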
Underlying SSL/TLS Library Options
The ESP-TLS component has an option to use mbedtls or wolfssl as its underlying SSL/TLS library. By default
only mbedtls is available and used. The wolfssl SSL/TLS library is available publicly at
https://github.com/espressif/esp-wolfssl. The repository provides the wolfssl component in binary format, along
with a few examples which are useful for understanding the API. Please refer to the repository README.md for
information on licensing and other options. See the option below for using wolfssl in your project.
Note: As the library options are internal to ESP-TLS, switching the libraries will not change ESP-TLS specific code for
a project.
How to use wolfssl with ESP-IDF
There are two ways to use wolfssl in your project:
1) Directly add wolfssl as a component in your project with the following three commands:
(First change directory (cd) to your project directory)
mkdir components
cd components
git clone https://github.com/espressif/esp-wolfssl.git
2) Add wolfssl as an extra component in your project.
• Download wolfssl with:
git clone https://github.com/espressif/esp-wolfssl.git
• Include esp-wolfssl in ESP-IDF by setting EXTRA_COMPONENT_DIRS in the CMakeLists.txt/Makefile of
your project, as done in wolfssl/examples. For reference see Optional Project variables in build-system.
After the above steps, you will have the option to choose wolfssl as the underlying SSL/TLS library in the
configuration menu of your project as follows:
idf.py/make menuconfig -> ESP-TLS -> choose SSL/TLS Library -> mbedtls/wolfssl
Comparison between mbedtls and wolfssl
The following table shows a typical comparison between wolfssl and mbedtls when the protocols/https_request
example (which has server authentication) was run with both SSL/TLS libraries and with all respective configurations
set to default. (mbedtls IN_CONTENT length and OUT_CONTENT length were set to 16384 bytes and 4096 bytes
respectively)
Property              Wolfssl    Mbedtls
Total Heap Consumed   ~19 Kb     ~37 Kb
Task Stack Used       ~2.2 Kb    ~3.6 Kb
Bin size              ~858 Kb    ~736 Kb

Espressif Systems, Release v4.4