search

flomesh-io / pipy

Pipy is a programmable proxy for the cloud, edge and IoT.
https://flomesh.io/pipy
Other
775 stars 73 forks source link

Support for SM2 Certificates #192

Closed ruimya closed 3 months ago

ruimya commented 3 months ago

Pipy Gateway supports a range of certificate types, but SM2 certificates are not included. It is possible that using Tongtong SSL could facilitate the addition of SM2 certificate support in Pipy Gateway by replacing the standard OpenSSL library.

keveinliu commented 3 months ago

Hi,

We've support Tongsuo as SSL library already. Here's the PR: #161 Use -DPIPY_OPENSSL option in cmake , refer to your Tongsuo library, like:

cmake -DPIPY_GUI=OFF \                                                                              
 -DPIPY_SAMPLES=OFF \
 -DCMAKE_C_COMPILER=clang \
 -DCMAKE_CXX_COMPILER=clang++ \
 -DCMAKE_BUILD_TYPE=Release \
 -DPIPY_OPENSSL=/home/kevein/Codebase/Tongsuo/build \
 -DPIPY_USE_NTLS=ON ..

And replace params in acceptTLS(), according to samples/gateway , change it to:

    .acceptTLS({ ntls: true, certificate: { certSign, keySign, certEnc, keyEnd }
   })

Thanks,

keveinliu commented 3 months ago

Hi @ruimya

Has your question been clear? Or any further information?

Cheers, Kevein