Lines Matching refs:vhost
58 struct lws_vhost *vhost, *vh;
63 * We can only get ssl accepted connections by using a vhost's ssl_ctx
80 vhost = lws_select_vhost(context, vh->listen_port,
82 if (!vhost) {
88 lwsl_info("SNI: Found: %s:%d at vhost '%s'\n", servername,
89 vh->listen_port, vhost->name);
91 if (!vhost->tls.ssl_ctx) {
92 lwsl_err("%s: vhost %s matches SNI but no valid cert\n",
98 /* select the ssl ctx from the selected vhost for this conn */
99 SSL_set_SSL_CTX(ssl, vhost->tls.ssl_ctx);
105 lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
120 n = (int)lws_tls_generic_cert_checks(vhost, cert, private_key);
149 if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, mem_cert,
156 err = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, (int)flen, p);
163 if (lws_tls_alloc_pem_to_der_file(vhost->context, private_key,
171 err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, p, (long)flen);
179 vhost->tls.skipped_certs = 0;
186 struct lws_vhost *vhost, struct lws *wsi)
193 vhost->tls.ssl_ctx = SSL_CTX_new(method, &vhost->context->mcdc); /* create context */
194 if (!vhost->tls.ssl_ctx) {
199 if (!vhost->tls.use_ssl ||
205 vhost->name, info->ssl_ca_filepath);
206 if (lws_tls_alloc_pem_to_der_file(vhost->context,
214 if (SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx, (int)flen, p) != 1) {
223 SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx,
230 lwsl_notice("%s: vh %s: mem CA OK\n", __func__, vhost->name);
233 n = lws_tls_server_certs_load(vhost, wsi, info->ssl_cert_filepath,
249 wsi->tls.ssl = SSL_new(wsi->a.vhost->tls.ssl_ctx);
259 if (wsi->a.vhost->tls.ssl_info_event_mask)
289 if (strstr(wsi->a.vhost->name, ".invalid")) {
290 lwsl_notice("%s: vhost has .invalid, "
453 lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a,
468 n = lws_genrsa_new_keypair(vhost->context, &ctx, LGRSAM_PKCS1_1_5,
554 n = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx,
565 n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx,
591 lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost)