feat: OTA TLS cert verification + CI release pipeline
Some checks failed
Lint & Build / Security Flaw Analysis (push) Successful in 15s
Lint & Build / Secret Scanning (push) Successful in 5s
Lint & Build / C/C++ Static Analysis (push) Failing after 34s
Lint & Build / Build Firmware (push) Has been skipped

Wire ESP-IDF's built-in 150-CA root bundle to the OTA HTTP client
so HTTPS OTA verifies server certificates. Pin bundle config in
sdkconfig.defaults. Replace dead artifact-copy step with Gitea
release creation on tag push. Bump CI container to IDF v5.5.
user
2026-02-14 22:38:41 +01:00
parent 0bcb5ddf0c
commit c76c1ee61b
6 changed files with 40 additions and 10 deletions


@@ -35,6 +35,7 @@
#include "esp_random.h"
#include "esp_ota_ops.h"
#include "esp_https_ota.h"
#include "esp_crt_bundle.h"
#include "esp_partition.h"
#include "esp_chip_info.h"
#include "esp_http_client.h"
@@ -1235,6 +1236,7 @@ static void ota_task(void *arg)
esp_http_client_config_t http_cfg = {
.url = url,
.timeout_ms = 30000,
.crt_bundle_attach = esp_crt_bundle_attach,
};
esp_https_ota_config_t ota_cfg = {
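Review bot: In ota_task, `.crt_bundle_attach = esp_crt_bundle_attach` makes the OTA client accept a server certificate that chains to any root in the bundle, which the commit message puts at 150 CAs, so a mis-issued certificate from any one of them for the update host would pass verification. If the device only ever fetches firmware from one server, consider narrowing trust to that server's issuing root with `.cert_pem`, or state in a comment here that image authenticity rests on a separate signature check and not on TLS alone. The hunk also does not show where `url` comes from; please confirm it is constrained to `https://` and that plain-HTTP OTA is not enabled in the project config, since the bundle has no effect on an `http://` URL.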