When BMC server uses self-signed certificate and BIOS can not get 
root CA, we need a way of disabling TLS host verify in HTTPs 
connection. Some tool like "curl" has this ability to NOT verify
host certificate. Adding this option to HttpDxe driver helps BIOS
Redfish driver to communicate with BMC over HTTPs connection.

Signed-off-by: Nickle Wang <nicklew@nvidia.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Abner Chang <abner.chang@amd.com>
Cc: Igor Kulchytskyy <igork@ami.com>
Cc: Nick Ramirez <nramirez@nvidia.com>

Nickle Wang (2):
  NetworkPkg/HttpDxe: provide function to disable TLS host verify
  RedfishPkg/RedfishDiscoverDxe: provide PCD to disable TLS host verify

 RedfishPkg/RedfishPkg.dec                     |  5 ++
 .../RedfishDiscoverDxe/RedfishDiscoverDxe.inf |  3 +-
 MdePkg/Include/Protocol/Http.h                |  5 ++
 NetworkPkg/HttpDxe/HttpProto.h                |  2 +
 NetworkPkg/HttpDxe/HttpImpl.c                 |  2 +
 NetworkPkg/HttpDxe/HttpsSupport.c             | 53 ++++++++++---------
 .../RedfishDiscoverDxe/RedfishDiscoverDxe.c   |  8 +--
 7 files changed, 50 insertions(+), 28 deletions(-)

-- 
2.39.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#99380): https://edk2.groups.io/g/devel/message/99380
Mute This Topic: https://groups.io/mt/96669375/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-