[Libwebsockets] Two way TLS authentication with mbedTLS

Iván Valdés ivaldesi97 at gmail.com
Fri Jul 23 11:47:28 CEST 2021


Hi,

I'm using the version v3.1 of libwebsockets compiled with mbedTLS.
Currently I have a websocket client that connects to a http/ws server using
TLS with server certificate validation. I need to enable the client to send
its certificate to the server and also enable the server to verify this
certificate with a CA certificate.

I saw at the examples that, to make a server verify the client certificate,
the LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT option must be set
on the vhost info and then a call
to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION  will be
performed. I assume that  the verification is not done by the LWS
implicitly . Am I wrong? With mbedtls I didn't manage to make this work.
The callback is never called. Is there any example of how to make this
work?

Regards,

Iván.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20210723/bd522e81/attachment.htm>


More information about the Libwebsockets mailing list