HTTPS - mutual authentication | developer.brewmp.com HTTPS - mutual authentication | developer.brewmp.com

Developer

HTTPS - mutual authentication

Forums:

I'm very new in Brew development :p ....I have some questions as follows:
Is it possible to develop Brew application that supports HTTPS - SSL/TLS mutual authentication ?
The server wants to verify the client. Therefore the Brew client will need to store certificate and sends this certificate to the server to verify.
How to do this? Can this be done with Brew SDK? :confused:

Please advise.

Thank you very much.

Narnia wrote:I'm very new in Brew development :p ....I have some questions as follows:
Is it possible to develop Brew application that supports HTTPS - SSL/TLS mutual authentication ?
The server wants to verify the client. Therefore the Brew client will need to store certificate and sends this certificate to the server to verify.
How to do this? Can this be done with Brew SDK? :confused:
Please advise.
Thank you very much.
Quote:
API REF
If an application requires a root certificate which is not in the set, it will need to add the certificate(s) (in DER format) as an option of type WEBOPT_X509_ROOT_CERTS.
so all u have to do is to load the keys into a buffer and feed it to Iweb within WEBOPT_X509_ROOT_CERTS option.

Narnia wrote:I'm very new in Brew development :p ....I have some questions as follows:
Is it possible to develop Brew application that supports HTTPS - SSL/TLS mutual authentication ?
The server wants to verify the client. Therefore the Brew client will need to store certificate and sends this certificate to the server to verify.
How to do this? Can this be done with Brew SDK? :confused:
Please advise.
Thank you very much.
Quote:
API REF
If an application requires a root certificate which is not in the set, it will need to add the certificate(s) (in DER format) as an option of type WEBOPT_X509_ROOT_CERTS.
so all u have to do is to load the keys into a buffer and feed it to Iweb within WEBOPT_X509_ROOT_CERTS option.

Hi mk.manju,
Thank you for the reply :)
So if I do that, can I send client certificate to the server?
The server requires verification of client certificate.
Normally we verify if the server is the one that we want to talk but in my case, the server also wants to verify if this is the authorised client that he can talk with.
I don't know if IWeb can do this....
What do you think?

Hi mk.manju,
Thank you for the reply :)
So if I do that, can I send client certificate to the server?
The server requires verification of client certificate.
Normally we verify if the server is the one that we want to talk but in my case, the server also wants to verify if this is the authorised client that he can talk with.
I don't know if IWeb can do this....
What do you think?