diff --git a/lib/tls/mbedtls/client.c b/lib/tls/mbedtls/client.c index 5e971e04..24e501b8 100644 --- a/lib/tls/mbedtls/client.c +++ b/lib/tls/mbedtls/client.c @@ -172,7 +172,8 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh, return 1; } - SSL_CTX_add_client_CA(vh->ssl_client_ctx, vh->x509_client_CA); + // SSL_CTX_add_client_CA(vh->ssl_client_ctx, vh->x509_client_CA); + SSL_CTX_add_client_CA(vh->ssl_ctx, vh->x509_client_CA); lwsl_notice("client loaded CA for verification %s\n", ca_filepath); diff --git a/lib/tls/mbedtls/server.c b/lib/tls/mbedtls/server.c index e885f941..d88e39c8 100644 --- a/lib/tls/mbedtls/server.c +++ b/lib/tls/mbedtls/server.c @@ -25,6 +25,8 @@ int lws_tls_server_client_cert_verify_config(struct lws_context_creation_info *info, struct lws_vhost *vh) { + SSL_CTX_set_verify(vh->ssl_ctx, SSL_VERIFY_PEER, NULL); + return 0; }