[Libwebsockets] Client certificate validation works

Andy Green andy at warmcat.com
Fri Jun 19 10:10:39 CEST 2015



On 19 June 2015 12:59:09 GMT+08:00, Bruce Perens <bruce at perens.com> wrote:
>See
>http://blog.algoram.com/blog/2015/06/19/using-the-arrl-logbook-of-the-world-certificate-to-validate-yourself-to-web-services-as-a-licensed-radio-amateur/
>for what I'm doing with client certificates.
>
>To make this work, I had to patch libwebsockets to use
>SSL_CTX_set_session_id_context() when working with client certificates.
>I
>turned off SSL_VERIFY_FAIL_IF_NO_PEER_CERT for now, I'll come up with
>code
>for an option to do that. And I had to use private-libwebsockets.h to
>get
>to the wsi->ssl field from my code. Probably the best solution for that
>is
>to provide an API function to return the SSL * for a wsi.

Thanks for sharing, I will make some time tomorrow to catch up with this.

-Andy

>    Thanks
>
>    Bruce
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Libwebsockets mailing list
>Libwebsockets at ml.libwebsockets.org
>http://ml.libwebsockets.org/mailman/listinfo/libwebsockets




More information about the Libwebsockets mailing list