-
Notifications
You must be signed in to change notification settings - Fork 14
/
Kconfig
25 lines (21 loc) · 1.2 KB
/
Kconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
menu "wolfSSL"
config TLS_STACK_WOLFSSL
bool "Include wolfSSL in ESP-TLS"
default y
select FREERTOS_ENABLE_BACKWARD_COMPATIBILITY
help
Includes wolfSSL in ESP-TLS so that it can be compiled with wolfSSL as its SSL/TLS library.
config WOLFSSL_HAVE_ALPN
bool "Enable ALPN (Application Layer Protocol Negotiation) in wolfSSL"
default y
config WOLFSSL_HAVE_OCSP
bool "Enable OCSP (Online Certificate Status Protocol) in wolfSSL"
default n
help
Enables Online Certificate Status Protocol (OCSP) within wolfSSL, which is the modern alternative
to maintaining Certificate Revocation Lists (CRLs). Enabling this option will make esp-tls to automatically
indicate support for OCSP when connecting as a TLS client. Server that support OCSP will forward the
certificate's revocation status to the client and the client will automatically verify the servers certificate
status based on the OCSP response forwarded to it.
Note: This option enables the OCSP in stapling (v1) mode for the client hence the TLS server needs to support OCSP stapling v1 .
endmenu # wolfSSL