<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - [websocket] does not send client certificate"
href="https://bugs.webkit.org/show_bug.cgi?id=158345#c1">Comment # 1</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - [websocket] does not send client certificate"
href="https://bugs.webkit.org/show_bug.cgi?id=158345">bug 158345</a>
from <span class="vcard"><a class="email" href="mailto:adrian.stadelmann@flynt.io" title="Adi Stadelmann <adrian.stadelmann@flynt.io>"> <span class="fn">Adi Stadelmann</span></a>
</span></b>
<pre>How to reproduce:
// ca
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
// server cert
openssl genrsa -out server.key 4096
openssl x509 -req -sha256 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
// client cert
openssl genrsa -out client.key 2048
openssl req -new -key client.key -out client.csr
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
// p12 for import
openssl pkcs12 -export -clcerts -inkey client.key -in client.crt -out myClientCert.p12
import ca.crt and myClientCert.p12 into keychain, modify both to trust all
debugging with openssl:
sudo openssl s_server -accept 443 -key server.key -cert server.crt -CAfile ca.crt -Verify 9 -state
Connect with (webkit javascript console):
new WebSocket('wss://localhost/test');</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>