1 Topic by parmstrong3 (edited by parmstrong3 2024-06-21 14:53:50)

  • Registered: 2024-06-21
  • Posts: 5

Topic: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

(EDIT: this forum will NOT allow you to use the word "http" since it counts it as a link and there are only three links allowed per message, so, below, replace the letters xxx with h t t p )

We've had a few ESP32 projects using older PlatformIO and the ESP-IDF platform of such, all of which use the esp_xxx_client with the wolfSSL integration instead of bloated mbedtls.

However, in going to the most recent versions (i.e. ESP-IDF v5.2+), we found out that the wolfSSL component was removed, well, not removed, but went to the GPL2.0 version of wolfSSL.  Eventually, we've always gone with the commercial license version of wolfSSL, which has worked great in the past because we simply replace the wolfSSL component with our own, and voila -- working product with the esp_xxx_client.

Also, in relation to esp_xxx_client and with this recent PlatformIO + ESP-IDF v5.2, everything broke in the build, and I've tried various pages such as https://www.wolfssl.com/wolfssl-now-sup … latformio/ to try to get wolfSSL going again with the esp_xxx_client component.  However, since the wolfSSL is actually external to the entire ESP-IDF components, the esp_xxx_client doesn't bring in the wolfSSL library since it's not an ESP-IDF component.

I have set the `build_flags = -DWOLFSSL_USER_SETTINGS, -DWOLFSSL_ESP32` in platformio.ini and yes, I get the library linked in, however esp_xxx_client still uses mbedtls ( probably because of the only way to get the compile going is to use CONFIG_ESP_TLS_USING_MBEDTLS )

Using CONFIG_ESP_TLS_USING_WOLFSSL also fails, because of course, there is no wolfSSL component any more in ESP-IDF.

I'm at a loss to how to get this going, considering wolfSSL is now a foreign entity when it comes to being integrated into ESP-IDF and functionalities of such things as esp_xxx_client

Share

  • Registered: 2024-06-21
  • Posts: 5

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Remember, it's the esp_http_client component above, not esp_xxx_client

Share

  • From: Mobile, AL
  • Registered: 2013-12-11
  • Posts: 322

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Hi parmstrong3

Thanks for joining the wolfSSL forums. I am requesting our ESP32 expert to chime in here.

Could you tell us a bit about your project? Feel free to email support@wolfssl.com if you'd prefer a less public venue.

Thanks,
Eric - wolfSSL Support

embhorn's Website

Share

  • Registered: 2022-05-24
  • Posts: 15

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Hi parmstrong3 -

Thanks for taking the new wolfSSL PlatformIO support for a test drive!

Yes, it's true there's currently a lot of room for improvement in the Espressif examples for wolfSSL. See:

https://github.com/espressif/esp-idf/issues/13966

In particular, the esp-tls layer not only adds complexity, but today when selecting wolfSSL using: 

idf.py menuconfig

the examples such as esp_http_client do not work properly, as you've seen.

A fix is currently in the works, and more importantly: a vastly superior method of integrating wolfSSL into the ESP-IDF using Managed Components from the ESP Registry. You'll see in the #13966 thread, that Ivan has an excellent solution for allowing the ESP-IDF to "see" a component installed in the local project. There's a partially working example here:

https://github.com/gojimmypi/esp-idf/tree/wolfssl

(the https WIP example is in a different repo)

In the meantime, my best advice is to use wolfSSL directly instead of using the esp-tls layer. See the examples:

https://github.com/wolfSSL/wolfssl/tree … F/examples

I realize these are only using the TLS layer, but the read & writes should be easily adapted to an HTTPS example.

Here's a blog on using the Managed Components:

https://www.wolfssl.com/wolfssl-now-ava … -registry/

If you *really* want to use the eps-tls, the esp-wolfssl needs to be installed manually. As you noticed, it is no longer included in the ESP-IDF. Also note the version there is really quite stale. There's also an unintuitive setting needed, as seen in the esp-tls Kconfig file:

        config ESP_TLS_USING_WOLFSSL
            depends on TLS_STACK_WOLFSSL

So be sure to click the `Include wolfSSL in ESP-TLS` settings to enable the TLS_STACK_WOLFSSL. This too is currently being improved.

I'm completely confident we can get wolfSSL HTTPS working robustly, even though the Espressif examples and the ESP-IDF itself need a little bit of TLC.

Share

  • Registered: 2024-06-21
  • Posts: 5

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

( this is the third submit of the same information, for some reason my submits are not submitting )

That is extremely valuable information, thanks!

I'm not sure the drastic change in workflow required for us would be something we can work with in the short term.

It sounds like we would have to move from PlatformIO+esp-idf to just esp-idf, which would be easy enough to do, but our entire build process is more PlatformIO based for our production / manufacturing, etc., so our entire workflow would be severely impacted.

We'll see if we can be some kind of solution through our commercial contact at wolfSSL, but it's sounding like this would only be feasible in a longer timeframe than we desire.

Share

  • Registered: 2024-06-21
  • Posts: 5

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Ah ... it was the bot stopper.  Since I'm logged in already, I'm not sure why the forum thought I was a bot.

Share

  • Registered: 2022-05-24
  • Posts: 15

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Hi parmstrong3 - if you'd be able to get your workflow operational with the ESP-IDF, I suspect we could also get it  working with PlatformIO.

My personal skill set is certainly stronger with the ESP-IDF, but I'd be happy to do all I can to assist with your build process, particularly as a commercial customer. After you reach out to your contact, let's arrange a time for a call to discuss your specific needs.

Thank you for your interest in wolfSSL.

Jim

Share

  • Registered: 2024-06-21
  • Posts: 5

Re: ESP32 Platformio 3.3.3 ESP-IDF v5.2.1; esp_http_client + wolfSSL fail

Hi @gojimmypi - we were informed by our commercial contact to email support@wolfssl.com, I'll just send the link to this forum as initial contact

Thanks!

Share