[Libwebsockets] Verify server certificate?

Adam MacBeth amacbeth at gmail.com
Fri Mar 11 18:49:38 CET 2016


It looks like out of the box the client doesn't do any verification on
server certificates. Is there a way to enable this?

I used LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS to grab the
SSL_CTX and call SSL_CTX_set_verify() with SSL_VERIFY_PEER. If verification
fails this appears to result in the websocket getting cleaned up but I
never see LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
just LWS_CALLBACK_WSI_DESTROY. Is this expected?

Thanks,
Adam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libwebsockets.org/pipermail/libwebsockets/attachments/20160311/d36d131c/attachment.html>


More information about the Libwebsockets mailing list