machinezone / IXWebSocket

websocket and http client and server library, with TLS support and very few dependencies
BSD 3-Clause "New" or "Revised" License

Universal Windows application TLS certificate issue #491

Closed rh101 closed 10 months ago

rh101 commented 10 months ago

A project is built for UWP using C++/WinRT, using the following settings in CMakeLists.txt:

set(USE_TLS TRUE CACHE BOOL "Enable TLS support" FORCE)
set(USE_OPEN_SSL ON)
set(OPENSSL_FOUND TRUE)
set(OPENSSL_LIBRARIES OpenSSL::Crypto OpenSSL::SSL) # links to external libraries

When running a native Win32 (x86/x64) version of the application, everything works correctly, but when running a UWP app, it results in this error:

D/IXWebSocketClient.cpp (760): IXWebSocketClient (000001B1FE918370) onConnectionError, state: 3,reason: Unable to connect to [DOMAIN] on port [PORT], error: OpenSSL failed - SSL_CTX_load_verify_locations("C:/Users/[username]/AppData/Local/Packages/abcdef-1234-5678-ab15-94260df03d68_795frxyz5pcf7/LocalState/certs/certificate.pem") failed: error:05880002:x509 certificate routines::system lib, decompressionError: 0, http_status: 0

If the certificate file contents are passed to ix::SocketTLSOptions instead of the certificate path (so SocketTLSOptions::isUsingInMemoryCAs() returns true), then there are no errors, and everything works correctly.

Is there any way to know why passing the certificate file path to SSL_CTX_load_verify_locations fails?

bsergean commented 10 months ago

Sorry, I have no idea what the problem could be.

Eventually OpenSSL will call the same code, so if you can trace/debug into OpenSSL in both code paths (the one that works and the one that does not), you might see the difference.

rh101 commented 10 months ago

> Eventually OpenSSL will call the same code, so if you can trace/debug into OpenSSL in both code paths (the one that works and the one that does not), you might see the difference.

I'll see what I can do (using pre-built libraries of OpenSSL at the moment), but I assume that if there is a problem, then it would be within OpenSSL, and not IXWebSocket, so I'll close this issue.
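
Added example, not part of the thread and not IXWebSocket or OpenSSL code: a first diagnostic for the error above. It decodes the packed code `05880002` from the log and checks whether the process can open the certificate path at all, reading the PEM into memory on success. The names `decodeOpenSslError` and `readCaBundle`, the OpenSSL 3.x error-code layout, and the path in `main` are assumptions.

```cpp
// Added example: not IXWebSocket or OpenSSL source code.
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <string>

// Fields of a packed error code, assuming the OpenSSL 3.x layout.
struct PackedError {
    bool system;      // bit 31: the code carries a raw errno, not lib/reason
    unsigned lib;     // bits 23..30: library number (11 = ERR_LIB_X509)
    bool common;      // ERR_RFLAG_COMMON: reason is shared by all libraries
    unsigned reason;  // reason with flag bits cleared (common + 2 = ERR_R_SYS_LIB)
};

PackedError decodeOpenSslError(std::uint32_t code) {
    PackedError e{};
    e.system = (code & 0x80000000u) != 0;
    e.lib = (code >> 23) & 0xFFu;
    e.common = (code & (0x2u << 18)) != 0;
    e.reason = code & 0x3FFFFu;
    return e;
}

// Open and read the CA bundle the way any path-based loader has to.
// Returns 0 and fills `pem` on success, otherwise the errno of the failure.
int readCaBundle(const std::string& path, std::string& pem) {
    errno = 0;
    std::FILE* f = std::fopen(path.c_str(), "rb");
    if (f == nullptr) return errno != 0 ? errno : EIO;
    char buf[4096];
    std::size_t n;
    pem.clear();
    while ((n = std::fread(buf, 1, sizeof buf, f)) > 0) pem.append(buf, n);
    int err = std::ferror(f) ? EIO : 0;
    std::fclose(f);
    return err;
}

int main() {
    PackedError e = decodeOpenSslError(0x05880002u);  // code from the log line
    std::printf("lib=%u common=%d reason=%u\n", e.lib, e.common, e.reason);
    std::string pem;
    int err = readCaBundle("certs/certificate.pem", pem);  // placeholder path
    std::printf("open/read: errno=%d, %zu bytes\n", err, pem.size());
    return 0;
}
```

A nonzero errno from `readCaBundle` points at file access rather than certificate content; on success, the string holds the file contents that the first post reports working when passed to `ix::SocketTLSOptions` instead of the path.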