Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Code Issues Releases Wiki Activity
libwebsockets/minimal-examples/http-server/minimal-http-server-tls
History
Andy Green d9f982a055 minimal examples: update for CSP best practices 
1) update the logos to svg

2) add svg icon for strict security policy where used

3) define new vhost option flag to enforce sending CSP headers
   with the result code

4) add vhost option flag to minimal examples to
   enforce sending CSP where applicable

5) Go through all the affecting examples confirming they
   still work

6) add LWS_RECOMMENDED_MIN_HEADER_SPACE constant (currently
   2048) to clarify when we need a buffer to hold headers...
   with CSP the headers have become potentially a lot
   larger.
2018-11-21 17:03:29 +08:00
..
mount-origin minimal examples: update for CSP best practices 2018-11-21 17:03:29 +08:00
CMakeLists.txt refactor: most preparation for -DLWS_ROLE_H1=0 2018-04-27 19:16:50 +08:00
localhost-100y.cert minimal: http-server-tls 2018-04-06 10:38:03 +08:00
localhost-100y.key minimal: http-server-tls 2018-04-06 10:38:03 +08:00
minimal-http-server-tls.c minimal examples: update for CSP best practices 2018-11-21 17:03:29 +08:00
README.md minimal: http-server-tls 2018-04-06 10:38:03 +08:00

README.md

lws minimal http server with tls

build

 $ cmake . && make

usage

 $ ./lws-minimal-http-server-tls
[2018/03/20 13:23:13:0131] USER: LWS minimal http server TLS | visit https://localhost:7681
[2018/03/20 13:23:13:0142] NOTICE: Creating Vhost 'default' port 7681, 1 protocols, IPv6 off
[2018/03/20 13:23:13:0142] NOTICE:  Using SSL mode
[2018/03/20 13:23:13:0146] NOTICE:  SSL ECDH curve 'prime256v1'
[2018/03/20 13:23:13:0146] NOTICE:  HTTP2 / ALPN enabled
[2018/03/20 13:23:13:0195] NOTICE: lws_tls_client_create_vhost_context: doing cert filepath localhost-100y.cert
[2018/03/20 13:23:13:0195] NOTICE: Loaded client cert localhost-100y.cert
[2018/03/20 13:23:13:0195] NOTICE: lws_tls_client_create_vhost_context: doing private key filepath
[2018/03/20 13:23:13:0196] NOTICE: Loaded client cert private key localhost-100y.key
[2018/03/20 13:23:13:0196] NOTICE: created client ssl context for default
[2018/03/20 13:23:14:0207] NOTICE:    vhost default: cert expiry: 730459d

Visit https://localhost:7681

Because it uses a selfsigned certificate, you will have to make an exception for it in your browser.

Certificate creation

The selfsigned certs provided were created with

echo -e "GB\nErewhon\nAll around\nlibwebsockets-test\n\nlocalhost\nnone@invalid.org\n" | openssl req -new -newkey rsa:4096 -days 36500 -nodes -x509 -keyout "localhost-100y.key" -out "localhost-100y.cert"

they cover "localhost" and last 100 years from 2018-03-20.

You can replace them with commercial certificates matching your hostname.

HTTP/2

If you built lws with -DLWS_WITH_HTTP2=1 at cmake, this simple server is also http/2 capable out of the box. If the index.html was loaded over http/2, it will display an HTTP 2 png.