libwebsockets icon indicating copy to clipboard operation
libwebsockets copied to clipboard
verified publisher icon warmcat

Tls handshake fails if client_ssl_private_key_filepath varaibale from lws_context_creation_info struct is set to NULL

Open sush126 opened this issue 1 year ago • 0 comments

Hi @lws-team i am using secure connection , on client side i am using CA (client_ssl_ca_filepath)and its opertional certficates (client_ssl_cert_filepath) while doing handshake i am not able to get Certificate verify finished packet from client to server.

If i give client_ssl_private_key_filepath then i am able to see Certificate verify finished packet. so my question is in one way handshake do we really required to give client_ssl_private_key_filepath . i am using below options pCreatInfo->options = LWS_SERVER_OPTION_EXPLICIT_VHOSTS | LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT | LWS_SERVER_OPTION_SSL_ECDH;

Attached wireshark logs: image

sush126 avatar Apr 30 '24 10:04 sush126