<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font face="monospace">Hi Andy,</font></p>
<p><font face="monospace">I'm trying to get lws working on iPhone
(iOS). With wolfSLL I had no luck, only "</font><span
style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">E:
lws_client_connect_via_info: no vhost", but now I tied it with
mbedtls, that works perfectly together with lws on Android and
it look better, but lws closes connection because of self signed
SSL certificate. LCCSCF_ALLOW_SELFSIGNED is set and it seems to
work one time:</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">[2021/12/21
20:18:13:0727] I: lws_tls_session_new_mbedtls:
[wsicli|0|WS/h1/default/dev.medrepo.de]: new
default_dev.medrepo.de_443, (default:1)<br>
[2021/12/21 20:18:13:0727] I: lws_tls_client_connect: client
connect OK<br>
[2021/12/21 20:18:13:0727] D: lws_ssl_client_connect2:
SSL_connect says 0<br>
[2021/12/21 20:18:13:0727] I:
lws_tls_restrict_return_handshake: 1 -> 0<br>
[2021/12/21 20:18:13:0727] N: lws_gate_accepts: on = 0<br>
[2021/12/21 20:18:13:0727] D: get_verify says 24<br>
[2021/12/21 20:18:13:0727] I: lws_tls_client_confirm_peer_cert:
cert problem: invalidca<br>
[2021/12/21 20:18:13:0727] I: lws_tls_client_confirm_peer_cert:
allowing anyway<br>
</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">Then connection is
redirected to LWSWS</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">[2021/12/21
20:18:13:1070] N: lws_client_reset: REDIRECT dev.medrepo.de:443,
path='jasca/', ssl = 1, alpn='h2;http/1.1'</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">and here </span><span
style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class=""><span
style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">LCCSCF_ALLOW_SELFSIGNED
seems to be ignored<br>
</span></span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">[2021/12/21
20:18:13:1714] I: lws_tls_session_new_mbedtls:
[wsicli|0|WS/h1/default/dev.medrepo.de]: reuse
default_dev.medrepo.de_443, (default:1)<br>
[2021/12/21 20:18:13:1714] I: lws_tls_client_connect: client
connect OK<br>
[2021/12/21 20:18:13:1714] D: lws_ssl_client_connect2:
SSL_connect says 0<br>
</span><span style="color: rgb(51, 51, 51); font-family:
-apple-system, "SF Pro Text", "Helvetica
Neue", HelveticaNeue, Helvetica, Arial, sans-serif;
font-size: 13px; font-variant-ligatures: normal; letter-spacing:
-0.078px; orphans: 2; widows: 2; background-color: rgb(255, 255,
255); text-decoration-thickness: initial;" class=""><span
style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">[</span>2021/12/21
20:18:13:1714] I: lws_tls_restrict_return_handshake: 1 -> 0<br>
[2021/12/21 20:18:13:1714] N: lws_gate_accepts: on = 0<br>
[2021/12/21 20:18:13:1714] D: get_verify says 24<br>
[2021/12/21 20:18:13:1714] I: lws_tls_client_confirm_peer_cert:
cert problem: invalidca<br>
[2021/12/21 20:18:13:1714] I: server's cert didn't look good,
invalidca (use_ssl 0x1) X509_V_ERR = 24: CA is not trusted<br>
[2021/12/21 20:18:13:1714] I: lws_http_client_socket_service:
closing conn at LWS_CONNMODE...SERVER_REPLY,
[wsicli|0|WS/h1/default/dev.medrepo.de], state 0x204<br>
[2021/12/21 20:18:13:1714] I: reason: server's cert didn't look
good, invalidca (use_ssl 0x1) X509_V_ERR = 24: CA is not trusted<br>
</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">Version: LWS:
4.3.0-v4.3.0-79-g141ebf37, NET CLI SRV H1 H2 WS MbedTLS ConMon
IPv6-absent</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">The same client
code works on Android with the same server ...<br>
</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">-</span></p>
<p><span style="color: rgb(51, 51, 51); font-family: -apple-system,
"SF Pro Text", "Helvetica Neue",
HelveticaNeue, Helvetica, Arial, sans-serif; font-size: 13px;
font-variant-ligatures: normal; letter-spacing: -0.078px;
orphans: 2; widows: 2; background-color: rgb(255, 255, 255);
text-decoration-thickness: initial;" class="">Roman<br>
</span></p>
</body>
</html>