Is there a way to make SSLClient work in "Insecure" mode?

[amanenk]

I am debugging a file downloading process on ESP32 and I want it to make a request without certificates validation. ESP8266 Arduino builtin BearSSL class has an option to do that (https://arduino-esp8266.readthedocs.io/en/latest/esp8266wifi/bearssl-client-secure-class.html#setinsecure). Is there a way of doing this in this library?

[prototypicalpro]

Not at the moment. This was partially by design, but primarily because BearSSL provides no built-in way to disable x509 verification (which was definitely by design).

It looks like it could be done by replacing the existing X509 verification engine with the custom insecure engine found in the ESP8266 core. Note that this workaround defeats the purpose of using TLS in the first place, but it would work as a last resort debugging tool. Perhaps you could give that a shot?