You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → wolfSSL → SSL server connection problem
How to connect a SSL server(the server have server signed certificate) without loading the CA certificate on Client side?.
If want to connect SSL Server with signed certificate, not required to load the CA certificate on client.
If any idea please share
Hi rahuld3919,
If you are trying to connect to a server that has a self-signed certificate (server cert is signed by itself), you have two options:
1) Load the same server certificate into the client as a trusted root certificate. You can do this using the wolfSSL_CTX_load_verify_locations() API.
2) Disable peer verification using the wolfSSL_CTX_set_verify() with SSL_VERIFY_NONE. This will disable verification, and is not recommended.
Best Regards,
Chris
Hi @rahuld3919,
Can you tell us a bit about your current effort and what it is you are trying to do specifically? Why would you want to connect to a server without first loading a certificate with which to validate the server? If you do not load a certificate to validate the peer you might be connecting to any malicious server out there. This would not be a good thing. Please explain the motivation behind the inquiry. As Chris suggested when using a self signed cert just load it on both side of the connection! The client can use the self-signed cert to validate the peer.
Warmest Regards,
K
Hi Kaleb
I want to connect a SSL server(have CA signed server certificate). but I don't want to Load the certificate in client .
In Browser we are not loading the ssl certificate to connect the HTTPS server.
I don't know how browser working, but I want same
regards
rahul
Hi @rahuld3919,
Browsers come with entire stores of certificates which they load hundreds or thousands of every time they are launched. Whenever they connect to a server the browser will use every cert in it's store to try and verify that server until the store is exausted without a successful verify at which point the browser would report an error and refuse to connect to the server unless you manually add a security exception to the browser for that server. If your server certificate is signed by a CA authority and your browser connects without any issues then your browser is loading a copy of the CA that signed your server cert or it would report an error when connecting to the server.
Warm Regards,
K
Hi,
Can you give more clarifications about how to use wolfssl for adding a security feature in the web server for communicating with a web browser(as client) in embedded applications.We need a secure data exchange between the server and client(web browser) in a LAN connection.
Regards
fabin
wolfSSL - Embedded SSL Library → wolfSSL → SSL server connection problem
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.018 seconds (89% PHP - 11% DB) with 11 queries