I'm looking for advise on how to require client authentication certificate

vi / websocat

Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions

MIT License

6.74k stars 261 forks source link

I'm looking for advise on how to require client authentication certificate #73

Open deanhuff opened 4 years ago

deanhuff commented 4 years ago

I'm using websocat to grab local UDP multicast traffic and make it available to webpages via wss like so:

websocat -Et --pkcs12-der=/data/mykeystore.pkcs12 wss-l:192.168.1.100:1234 reuse:udp-l:0.0.0.0:30000 --udp-multicast=224.223.222.221 --udp-multicast-iface-v4=127.0.0.1 --udp-reuseaddr

Do you have an example that sets up the wss connection that would require a client auth cert via TLS?

thanks -Dean

vi commented 4 years ago

This is currently not supported by Websocat. SSL listener is mostly aimed to making quick self-signed wss:// nodes for development.

For now, TLS handling part may be separated to another application (e.g. Nginx), leaving Websocat to deal with pre-authenticated pre-decrypted traffic.

I'll consider this issue as a feature request to implement client certificate verification in future Websocat version.