[Libwebsockets] Sal error in server side

Andy Green andy at warmcat.com
Tue Jan 23 08:53:46 CET 2018



On 23/01/18 15:35, dabicho wrote:
> I am getting this error from a Firefox client while migrating 
> libwebsocket version
> 
> It looks to me as of the client is trying to authenticate itself, which 
> I was not aware was a possibly or requirement. I didn't see this before.
> 
> Where does this come from?

  - what version of lws is it

  - building against OpenSSL or mbedTLS?

  - does Firefox bring you a dialog for you to select a client cert then?

  - I take it that the lws test apps don't have this problem on your 
platform?

> lws_ssl_capable_read failed
> routine ssl3_read_bytes:tlsv1 alert unknown ca

It says "unknown ca"... this is because you sent it a client cert, or 
stopped Firefox sending the client cert?

If your vhost creation options don't have 
LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT bit set, it 
shouldn't ask for any client cert.  Maybe check you memset() the info 
struct to 0 before setting it, if you declare it on the stack.

-Andy

> Thank you for any idea
> 
> 
> 
> 
> 
> _______________________________________________
> Libwebsockets mailing list
> Libwebsockets at ml.libwebsockets.org
> https://libwebsockets.org/mailman/listinfo/libwebsockets
> 



More information about the Libwebsockets mailing list