Report
2 years ago.

Is it possible to perform Server/Client validation ?

Thank you for sharing the code. It is quite useful, however I need to perform complete validation when establishing TLS connection. Do you have example by any chance ?

Question relating to:

Simple usage example of MQTTS library SSL, TLS, wolfSSL
Comment on this question

1 Answer

2 years ago.

Yes, the library supports both server and client validation. You can load files for the validtion after getting new ctx.

Please find client and server side examples here. https://github.com/wolfSSL/wolfssl/blob/master/examples

Find following functions around line 670 in client/client.c.

wolfSSL_CTX_load_verify_locations, wolfSSL_CTX_use_certificate_chain_file, wolfSSL_CTX_use_PrivateKey_file,

I hope this helps.

Kojo

Kojo,

Thank you a million! While I still cannot make it work for Freedom board, I was able to compile wolfSSL on linux instance and test that indeed it make MQTTS connection and do mutual cert validation.

posted by Anton Shmagin 09 Sep 2015

To post an answer, please log in.