When BMC server uses self-signed certificate and BIOS can not get root CA, we need a way of disabling TLS host verify in HTTPs connection. Some tool like "curl" has this ability to NOT verify host certificate. Adding this option to HttpDxe driver helps BIOS Redfish driver to communicate with BMC over HTTPs connection.
Signed-off-by: Nickle Wang <nick...@nvidia.com> Cc: Maciej Rabeda <maciej.rab...@linux.intel.com> Cc: Siyuan Fu <siyuan...@intel.com> Cc: Abner Chang <abner.ch...@amd.com> Cc: Igor Kulchytskyy <ig...@ami.com> Cc: Nick Ramirez <nrami...@nvidia.com> Nickle Wang (2): NetworkPkg/HttpDxe: provide function to disable TLS host verify RedfishPkg/RedfishDiscoverDxe: provide PCD to disable TLS host verify RedfishPkg/RedfishPkg.dec | 5 ++ .../RedfishDiscoverDxe/RedfishDiscoverDxe.inf | 3 +- MdePkg/Include/Protocol/Http.h | 5 ++ NetworkPkg/HttpDxe/HttpProto.h | 2 + NetworkPkg/HttpDxe/HttpImpl.c | 2 + NetworkPkg/HttpDxe/HttpsSupport.c | 53 ++++++++++--------- .../RedfishDiscoverDxe/RedfishDiscoverDxe.c | 8 +-- 7 files changed, 50 insertions(+), 28 deletions(-) -- 2.39.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99380): https://edk2.groups.io/g/devel/message/99380 Mute This Topic: https://groups.io/mt/96669375/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-