[Libwebsockets] TLS client auth help

lws lws lws at bick4ord.com
Sat May 18 01:59:04 CEST 2013


Hello,

I have successfully built and configured the libwebsockets client to
perform server authentication with TLS.  My server is nodejs (websocket
package 1.0.8) proxied behind nginx 1.4.1 (recently added websocket proxy
support).  Works great!

However, I have been trying to get client authentication working without
any success.  I haven't found any config options that present the client
certificate to the server during the TLS handshake.

My libwebsockets client configuration sets the following:

int use_ssl = 2;  (also tried 1)
info.ssl_cert_filepath = "/path/to/client/cert.pem";
info.ssl_private_key_filepath = "/path/to/client/key.pem";
info.ssl_ca_filepath = "path/to/ca/chain.pem";

The debug output from nginx reports the following error (only
when ssl_verify_client=on):

2013/05/17 16:31:08 [info] 25461#0: *5 client sent no required SSL
certificate while reading client request headers, client: 127.0.0.1,
server: localhost, request: "GET / HTTP/1.1", host: "localhost"

Is client auth supported on the libwebsockets client-side?  From what I can
tell from the code, it appears focused on the server-side support of client
auth.  Is there something config related that I am doing wrong?

thanks in advance for any help you can provide!
Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libwebsockets.org/pipermail/libwebsockets/attachments/20130517/fa2a0e87/attachment.html>


More information about the Libwebsockets mailing list