From 177e05deb28b8eaa5ce5d65b2bbfb8d88cc6b4f1 Mon Sep 17 00:00:00 2001
From: Deomid Ryabkov <rojer@cesanta.com>
Date: Fri, 1 Sep 2017 00:35:11 +0300
Subject: [PATCH] CC3220: AWS connection works

PUBLISHED_FROM=5831462c5be0b79afff32130a1f45784f32bc524
---
 mongoose.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/mongoose.c b/mongoose.c
index 5b80e7244..402cd6ffa 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -13699,7 +13699,15 @@ void mg_mgr_handle_conn(struct mg_connection *nc, int fd_flags, double now) {
         DBG(("%p conn res=%d", nc, nc->err));
         if (nc->err == SL_ERROR_BSD_ESECSNOVERIFY ||
             /* TODO(rojer): Provide API to set the date for verification. */
-            nc->err == SL_ERROR_BSD_ESECDATEERROR) {
+            nc->err == SL_ERROR_BSD_ESECDATEERROR
+#if SL_MAJOR_VERSION_NUM >= 2
+            /* Per SWRU455, this error does not mean verification failed,
+             * it only means that the cert used is not present in the trusted
+             * root CA catalog. Which is perfectly fine. */
+            ||
+            nc->err == SL_ERROR_BSD_ESECUNKNOWNROOTCA
+#endif
+            ) {
           nc->err = 0;
         }
         if (nc->flags & MG_F_SSL && nc->err == 0) {
-- 
GitLab