[Libwebsockets] Verify server certificate?
andy at warmcat.com
Sat Mar 12 04:30:44 CET 2016
On 03/12/2016 01:49 AM, Adam MacBeth wrote:
> It looks like out of the box the client doesn't do any verification on
> server certificates. Is there a way to enable this?
Send the code that works and I'll add it with a context creation option.
> I used LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS to grab the
> SSL_CTX and call SSL_CTX_set_verify() with SSL_VERIFY_PEER. If
> verification fails this appears to result in the websocket getting
> cleaned up but I never see LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
> just LWS_CALLBACK_WSI_DESTROY. Is this expected?
Again it's helpful to see what you actually did patchwise.
If there's a path that should return connection error, I can make sure
it does but there's not enough info here to take care of it.
> Libwebsockets mailing list
> Libwebsockets at ml.libwebsockets.org
More information about the Libwebsockets