feat: OTA TLS cert verification + CI release pipeline
Wire ESP-IDF's built-in 150-CA root bundle to the OTA HTTP client so HTTPS OTA verifies server certificates. Pin bundle config in sdkconfig.defaults. Replace dead artifact-copy step with Gitea release creation on tag push. Bump CI container to IDF v5.5.
This commit is contained in:
@@ -35,6 +35,7 @@
|
||||
#include "esp_random.h"
|
||||
#include "esp_ota_ops.h"
|
||||
#include "esp_https_ota.h"
|
||||
#include "esp_crt_bundle.h"
|
||||
#include "esp_partition.h"
|
||||
#include "esp_chip_info.h"
|
||||
#include "esp_http_client.h"
|
||||
@@ -1235,6 +1236,7 @@ static void ota_task(void *arg)
|
||||
esp_http_client_config_t http_cfg = {
|
||||
.url = url,
|
||||
.timeout_ms = 30000,
|
||||
.crt_bundle_attach = esp_crt_bundle_attach,
|
||||
};
|
||||
|
||||
esp_https_ota_config_t ota_cfg = {
|
||||
|
||||
Reference in New Issue
Block a user