machinezone
using appropriate *.pem file for server cert by client
Letsenscript has generated the following files for SSL using NGINX Proxy Manager:
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem
My IXwebsocket based websocket client has been working great without TLS enabled. But I'm not trying to implement TLS for server certification by client and later client certification by server. However, I'd like to focus on the former and get the client to certify server. In C++, I've declared and implemented several combinations except providing the keyfile
ix::socketTLSOptions tlsOptions;
tlsOptions.tls = true ;
tlsOptions.certFile = "NONE" ;
tlsOptions.keyFile = "NONE" ;
tlsOptions.caFile = "fullchain.pem" ;
this->setTLSOptions(tlsOptions) ;
Above is just one example attempt, but none seem to result in passing server cert at the client.
I've been successful implementing an IoT websocket client, using a single pem file generated from running:
$ openssl s_client -showcerts -connect <<server domain name>>>:443 </dev/null
and cut/pasting last hash into a file for embedding.
Please help me by explaining which option file names from structure map to server cert or client cert. But more directly, which of the letsenscript files that nginx generates go in this structure.
Thanks
