Name |
Date |
Size |
#Lines |
LOC |
||
|---|---|---|---|---|---|---|
| .. | - | - | ||||
| mount-origin/ | 12-May-2024 | - | 173 | 161 | ||
| CMakeLists.txt | D | 12-May-2024 | 2.1 KiB | 81 | 71 | |
| README.md | D | 12-May-2024 | 2.3 KiB | 61 | 43 | |
| minimal-http-server-tls-mem.c | D | 12-May-2024 | 32.3 KiB | 466 | 417 |
README.md
1 # lws minimal http server with tls and certs from memory 2 3 This is the same as the minimal-http-server-tls example, but shows how 4 to init the vhost with both PEM or DER certs from memory instead of files. 5 6 The server listens on port 7681 (initialized with PEM in-memory certs) and 7 port 7682 (initialized with DER in-memory certs). 8 9 ## build 10 11 ``` 12 $ cmake . && make 13 ``` 14 15 ## usage 16 17 ``` 18 $ ./lws-minimal-http-server-tls-mem 19 [2019/02/14 14:46:40:9783] USER: LWS minimal http server TLS | visit https://localhost:7681 20 [2019/02/14 14:46:40:9784] NOTICE: Using SSL mode 21 [2019/02/14 14:46:40:9784] NOTICE: lws_tls_server_vhost_backend_init: vh first: mem CA OK 22 parsing as der 23 [2019/02/14 14:46:40:9849] NOTICE: no client cert required 24 [2019/02/14 14:46:40:9849] NOTICE: created client ssl context for first 25 [2019/02/14 14:46:40:9849] NOTICE: Using SSL mode 26 [2019/02/14 14:46:40:9850] NOTICE: lws_tls_server_vhost_backend_init: vh second: mem CA OK 27 parsing as der 28 [2019/02/14 14:46:40:9894] NOTICE: no client cert required 29 [2019/02/14 14:46:40:9894] NOTICE: created client ssl context for second 30 [2019/02/14 14:46:40:9894] NOTICE: vhost first: cert expiry: 36167d 31 [2019/02/14 14:46:40:9894] NOTICE: vhost second: cert expiry: 36167d 32 [2018/03/20 13:23:14:0207] NOTICE: vhost default: cert expiry: 730459d 33 ``` 34 35 Visit https://127.0.0.1:7681 and https://127.0.0.1:7682 36 37 Because it uses a selfsigned certificate, you will have to make an exception for it in your browser. 38 39 ## Certificate creation 40 41 The selfsigned certs provided were created with 42 43 ``` 44 echo -e "GB\nErewhon\nAll around\nlibwebsockets-test\n\nlocalhost\nnone@invalid.org\n" | openssl req -new -newkey rsa:4096 -days 36500 -nodes -x509 -keyout "localhost-100y.key" -out "localhost-100y.cert" 45 ``` 46 47 they cover "localhost" and last 100 years from 2018-03-20. 48 49 You can replace them with commercial certificates matching your hostname. 50 51 The der content was made from PEM like this 52 53 ``` 54 $ cat ../minimal-http-server-tls/localhost-100y.key | grep -v ^- | base64 -d | hexdump -C | tr -s ' ' | cut -d' ' -f2- | cut -d' ' -f-16 | sed "s/|.*//g" | sed "s/0000.*//g" | sed "s/^/0x/g" | sed "s/\ /\,\ 0x/g" | sed "s/\$/,/g" | sed "s/0x,//g" 55 ``` 56 57 ## HTTP/2 58 59 If you built lws with `-DLWS_WITH_HTTP2=1` at cmake, this simple server is also http/2 capable 60 out of the box. If the index.html was loaded over http/2, it will display an HTTP 2 png. 61