rdkcentral · adrojaankur · Dec 19, 2025 · Jan 27, 2026 · Jan 28, 2026 · Jan 28, 2026
@@ -24,7 +24,7 @@ libhttp_la_SOURCES = curlinterface.c
 libhttp_la_LDFLAGS = -shared -fPIC -lcurl
 if IS_LIBRDKCERTSEL_ENABLED
 libhttp_la_CFLAGS = $(LIBRDKCERTSEL_FLAG)
-libhttp_la_LDFLAGS += -lRdkCertSelector
+libhttp_la_LDFLAGS += -lRdkCertSelector -lcrypto
 endif
 libhttp_la_CPPFLAGS = -fPIC -I${PKG_CONFIG_SYSROOT_DIR}$(includedir)/dbus-1.0 \
                                 -I${PKG_CONFIG_SYSROOT_DIR}$(libdir)/dbus-1.0/include \

@@ -31,6 +31,9 @@
 #include <sys/wait.h>
 #include <curl/curl.h>
 #include <signal.h>
+#ifdef LIBRDKCERTSEL_BUILD
+#include <openssl/crypto.h>
+#endif
 
 #include "curlinterface.h"
 #include "reportprofiles.h"
@@ -277,6 +280,11 @@ static void curlCertSelectorInit()
 #endif
     if (state_red_enable && curlRcvryCertSelector == NULL )
     {
+        if(curlCertSelector != NULL)
+        {
+            rdkcertselector_free(&curlCertSelector);
+            curlCertSelector = NULL;
+        }
         curlRcvryCertSelector = rdkcertselector_new( NULL, NULL, "RCVRY" );
         if (curlRcvryCertSelector == NULL)
         {
@@ -319,6 +327,7 @@ T2ERROR sendReportOverHTTP(char *httpUrl, char *payload, pid_t* outForkedPid)
     rdkcertselectorStatus_t curlGetCertStatus;
     char *pCertURI = NULL;
     bool state_red_enable = false;
+    char *pEngine = NULL;
 #endif
     char *pCertFile = NULL;
     char *pCertPC = NULL;
@@ -440,6 +449,12 @@ T2ERROR sendReportOverHTTP(char *httpUrl, char *payload, pid_t* outForkedPid)
      */
     if(childPid == 0)
     {
+#ifdef LIBRDKCERTSEL_BUILD
+        if(OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL) != 1)
+        {
+             fprintf(stderr, "T2:OPENSSL_init_crypto failed\n"); // avoiding T2 logger in the child. 
-             fprintf(stderr, "T2:OPENSSL_init_crypto failed\n"); // avoiding T2 logger in the child. 
+             fprintf(stderr, "T2:OPENSSL_init_crypto failed\n"); // avoiding T2 logger in the child.
+             childCurlResponse.curlStatus = false;
+             childCurlResponse.curlResponse = CURLE_FAILED_INIT;
+             childCurlResponse.lineNumber = __LINE__;
+             goto child_cleanReturn;
-             fprintf(stderr, "T2:OPENSSL_init_crypto failed\n"); // avoiding T2 logger in the child. 
+             fprintf(stderr, "T2:OPENSSL_init_crypto failed\n"); // avoiding T2 logger in the child.
+             childCurlResponse.curlStatus = false;
+             childCurlResponse.curlResponse = CURLE_FAILED_INIT;
+             childCurlResponse.lineNumber = __LINE__;
+             goto child_cleanReturn;
+        }
+#endif
         curl = curl_easy_init();
         if(curl)
         {
@@ -455,6 +470,28 @@ T2ERROR sendReportOverHTTP(char *httpUrl, char *payload, pid_t* outForkedPid)
                 goto child_cleanReturn;
             }
 #ifdef LIBRDKCERTSEL_BUILD
+            pEngine = rdkcertselector_getEngine(thisCertSel);
+            if(pEngine != NULL )
+            {
+                code = curl_easy_setopt(curl, CURLOPT_SSLENGINE, pEngine);
+                if(code != CURLE_OK)
+                {
+                    childCurlResponse.lineNumber = __LINE__;
+                    curl_easy_cleanup(curl);
+                    goto child_cleanReturn;
+                }
+            }
+            else
+            {
+                code = curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L);
+                if(code != CURLE_OK )
+                {
+                    childCurlResponse.lineNumber = __LINE__;
+                    curl_easy_cleanup(curl);
+                    goto child_cleanReturn;
+                }
+            }
+
             do
             {
                 pCertFile = NULL;