Kitura/BlueSSLService

How to connect to SSL TCP sockets using a trusted certificate (not self signed?)

spaghetti- opened this issue · 5 comments

I have a server to which I can connect using openssl as so:

$ openssl s_client -connect example.com:port

and it establishes fine. The certificate is issued by Digicert.

How can I connect to this socket using BlueSSLService? I am using the following code:

    import Socket
    import SSLService

    //snip
    let conf = SSLService.Configuration();
    let socket = try Socket.create(family: .inet, type: .stream, proto: .tcp);
    socket.delegate = try SSLService(usingConfiguration: conf)

which fails with "The operation couldn’t be completed. (Socket.SSLError error 0.)"

I can only find documentation for self signed certificates in the repo.

I tried it again with a different domain (letsencrypt cert this time around) and I have the same error.

Try using the following code to create the configuration:

    let config = SSLService.Configuration(withCipherSuite: nil)
    let socket = try Socket.create(family: .inet, type: .stream, proto: .tcp)
    socket.delegate = try SSLService(usingConfiguration: config)

The default Configuration init method should not be used. In a future release of SSLService, this will be enforced.

Re-open this issue if you still have the problem after making the change. Thanks.

I just looked at it a bit more... There was a default constructor (due to improperly defaulting parameters) that was getting called. The change I suggested above will work for the current version; however, in a future version (maybe later today), what you originally coded will work. Thanks for the find. I'm re-opening the issue pending the fix.

The change above did indeed work for me. Thank you loads @billabt

Glad the fix worked for you. It's now permanently fixed in 0.12.38. Using the default initializer will work as expected. Thanks again for finding this.