Secure client does not send it's certificate
vvoznesensky opened this issue · comments
Vladimir Voznesenskiy commented
Server can be started by the following command:
$ openssl s_server -cert localhost.pem -port 8445 -debug -Verify 3 -security_debug -security_debug_verbose -CAfile ../ca/demoCA/cacert.pem
Client code that cause an error:
#! /usr/bin/tarantool
local log = require('log')
local websocket = require('websocket')
local ssl = require('websocket.ssl')
local ctx = ssl.ctx()
if not ssl.ctx_use_private_key_file(ctx, './certificate.pem') then
log.info('Error private key')
return
end
if not ssl.ctx_use_certificate_file(ctx, './certificate.pem') then
log.info('Error certificate')
return
end
local function connect(url, ctx)
local ws, err = websocket.connect(url, nil, {timeout = 3, ctx = ctx})
if not ws then error(err) end
return ws
end
local ws = connect('wss://localhost:8445', ctx)
if not ws then
log.info(err)
return
end
ws:write('HELLO')
local response = ws:read()
log.info(response)
assert(response.data == 'HELLO')
Server error output:
ERROR
140584994805120:error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate:../ssl/statem/statem_srvr.c:3697:
shutting down SSL
CONNECTION CLOSED
Vladimir Voznesenskiy commented
Made as mistake in calling websocket.connect, so closing.