Open cBournhonesque opened 9 months ago
Generally, for PROD environments the server should present a valid (trusted by known CA) certificate and serverCertificateHashes
is not required (as client can validate the proper certificate). So PROD environment should rely on PKI mechanisms.
I intend serverCertificateHashes
more for Development/Testing environment, also because there are a few constraints on its usage: see requirements here. For instance, the certificate validity period cannot be more than 2 weeks.
Having said that, I don't know if you already had a look at wtransport/examples/full.rs
.
In that example, the server is also serving the web resources (the client web application), and when the server starts the certificates is injected in the javascript.
With this approach, the web client is "dynamic" and can always be potentially updated by the server itself with its hash.
Thanks!
Sorry, PKI stands for Public Key Infrastructure, it is how generally certificate infrastructure works.
What I meant is: if you have a PROD environment you should rely on good practices like serving a certificate that clients can check against a well-known trusted authority (CA).
There are free solution to sign a certificate, for example: https://letsencrypt.org/
@cBournhonesque consider using xwt-cert-utils
if you need this in wasm. wtransport
doesn't build in wasm.
@BiagioFesta serverCertificateHashes
is absolutely intended for production environments, as they can provide even better transport security by requiring that the server an exact certificate that matches the requested hash. This gives the application a chance to defend against MITM attacks that compromise the Web PKI root certs storage of the client. Those have been quite prominent in the wild lately, and before the serverCertificateHashes
capabilities you'd need a native app to defend against those. So, the serverCertificateHashes
is very useful as an intended way of running production.
Hi,
I got a test working where I'm generating self-signed certificates; which I need to include in the client with the
server_certificate_hashes
option.But in a real use-case where I deploy my server, how would clients get correct credentials?