1d4afb5ceSopenharmony_ci# lws minimal http server with tls and certs from memory 2d4afb5ceSopenharmony_ci 3d4afb5ceSopenharmony_ciThis is the same as the minimal-http-server-tls example, but shows how 4d4afb5ceSopenharmony_cito init the vhost with both PEM or DER certs from memory instead of files. 5d4afb5ceSopenharmony_ci 6d4afb5ceSopenharmony_ciThe server listens on port 7681 (initialized with PEM in-memory certs) and 7d4afb5ceSopenharmony_ciport 7682 (initialized with DER in-memory certs). 8d4afb5ceSopenharmony_ci 9d4afb5ceSopenharmony_ci## build 10d4afb5ceSopenharmony_ci 11d4afb5ceSopenharmony_ci``` 12d4afb5ceSopenharmony_ci $ cmake . && make 13d4afb5ceSopenharmony_ci``` 14d4afb5ceSopenharmony_ci 15d4afb5ceSopenharmony_ci## usage 16d4afb5ceSopenharmony_ci 17d4afb5ceSopenharmony_ci``` 18d4afb5ceSopenharmony_ci $ ./lws-minimal-http-server-tls-mem 19d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9783] USER: LWS minimal http server TLS | visit https://localhost:7681 20d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9784] NOTICE: Using SSL mode 21d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9784] NOTICE: lws_tls_server_vhost_backend_init: vh first: mem CA OK 22d4afb5ceSopenharmony_ciparsing as der 23d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9849] NOTICE: no client cert required 24d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9849] NOTICE: created client ssl context for first 25d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9849] NOTICE: Using SSL mode 26d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9850] NOTICE: lws_tls_server_vhost_backend_init: vh second: mem CA OK 27d4afb5ceSopenharmony_ciparsing as der 28d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9894] NOTICE: no client cert required 29d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9894] NOTICE: created client ssl context for second 30d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9894] NOTICE: vhost first: cert expiry: 36167d 31d4afb5ceSopenharmony_ci[2019/02/14 14:46:40:9894] NOTICE: vhost second: cert expiry: 36167d 32d4afb5ceSopenharmony_ci[2018/03/20 13:23:14:0207] NOTICE: vhost default: cert expiry: 730459d 33d4afb5ceSopenharmony_ci``` 34d4afb5ceSopenharmony_ci 35d4afb5ceSopenharmony_ciVisit https://127.0.0.1:7681 and https://127.0.0.1:7682 36d4afb5ceSopenharmony_ci 37d4afb5ceSopenharmony_ciBecause it uses a selfsigned certificate, you will have to make an exception for it in your browser. 38d4afb5ceSopenharmony_ci 39d4afb5ceSopenharmony_ci## Certificate creation 40d4afb5ceSopenharmony_ci 41d4afb5ceSopenharmony_ciThe selfsigned certs provided were created with 42d4afb5ceSopenharmony_ci 43d4afb5ceSopenharmony_ci``` 44d4afb5ceSopenharmony_ciecho -e "GB\nErewhon\nAll around\nlibwebsockets-test\n\nlocalhost\nnone@invalid.org\n" | openssl req -new -newkey rsa:4096 -days 36500 -nodes -x509 -keyout "localhost-100y.key" -out "localhost-100y.cert" 45d4afb5ceSopenharmony_ci``` 46d4afb5ceSopenharmony_ci 47d4afb5ceSopenharmony_cithey cover "localhost" and last 100 years from 2018-03-20. 48d4afb5ceSopenharmony_ci 49d4afb5ceSopenharmony_ciYou can replace them with commercial certificates matching your hostname. 50d4afb5ceSopenharmony_ci 51d4afb5ceSopenharmony_ciThe der content was made from PEM like this 52d4afb5ceSopenharmony_ci 53d4afb5ceSopenharmony_ci``` 54d4afb5ceSopenharmony_ci $ cat ../minimal-http-server-tls/localhost-100y.key | grep -v ^- | base64 -d | hexdump -C | tr -s ' ' | cut -d' ' -f2- | cut -d' ' -f-16 | sed "s/|.*//g" | sed "s/0000.*//g" | sed "s/^/0x/g" | sed "s/\ /\,\ 0x/g" | sed "s/\$/,/g" | sed "s/0x,//g" 55d4afb5ceSopenharmony_ci``` 56d4afb5ceSopenharmony_ci 57d4afb5ceSopenharmony_ci## HTTP/2 58d4afb5ceSopenharmony_ci 59d4afb5ceSopenharmony_ciIf you built lws with `-DLWS_WITH_HTTP2=1` at cmake, this simple server is also http/2 capable 60d4afb5ceSopenharmony_ciout of the box. If the index.html was loaded over http/2, it will display an HTTP 2 png. 61