|
From: | Evgeny Grin |
Subject: | Re: [libmicrohttpd] SSL key passwords |
Date: | Thu, 12 Feb 2015 19:43:34 +0300 |
Thank you, Christian Grothoff, for incorporating MHD_OPTION_HTTPS_KEY_PASSWORD into the library!,I attempted to build the changes on an older platform (CentOS 6.6) and came to realize that gnutls_certificate_set_x509_key_mem2(), the GnuTLS function needed if specifying a password, is not available in earlier versions of the GnuTLS library. So I added another preprocessor check, around that function call, to verify that the GnuTLS version is 3 or above. If a password was provided to MHD and the GnuTLS version is too old, then an error is returned. Attached are some simple code diffs, relative to the current SVN baseline, for your consideration.Regards,On Feb 6, 2015, at 9:14 PM, Andrew Basile <address@hidden> wrote:In one of my projects, we are using MHD and need to support SSL encrypted private keys, with passwords. I ended up modifying the MHD code to support propagating, in addition to an SSL certificate and key, an SSL key password through to GnuTLS. With some relatively simple changes in place, the option MHD_OPTION_HTTPS_KEY_PASSWORD can be used when calling MHD_start_daemon() to specify a const char * password string. Also, another debug message is added in order to report the code returned by GnuTLS in the event the SSL certificate/key cannot be processed.
[Prev in Thread] | Current Thread | [Next in Thread] |