[Webkit-unassigned] [Bug 158345] [websocket] does not send client certificate

Mon Jun 6 00:50:21 PDT 2016

https://bugs.webkit.org/show_bug.cgi?id=158345

--- Comment #1 from Adi Stadelmann <adrian.stadelmann at flynt.io> ---
How to reproduce:

// ca
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
// server cert
openssl genrsa -out server.key 4096
openssl x509 -req -sha256 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
// client cert
openssl genrsa -out client.key 2048
openssl req -new -key client.key -out client.csr
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
// p12 for import
 openssl pkcs12 -export -clcerts -inkey client.key -in client.crt -out myClientCert.p12


import ca.crt and myClientCert.p12 into keychain, modify both to trust all


debugging with openssl:
sudo openssl s_server -accept 443 -key server.key -cert server.crt -CAfile ca.crt -Verify 9 -state


Connect with (webkit javascript console):
new WebSocket('wss://localhost/test');

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160606/1ee66c99/attachment.html>