ClientHello Message

Question

ClientHello Message

SteveSelva opened this issue 2 years ago · 3 comments

I want to generate SSL Certificate on the fly. I found a way using the ClientHello message in the TLS handshake, which contains the Server Name in the SNI extension. Is there any way to get the Server Name at ClientHello message or any other way to generate Certificate on the fly?

Answer 1 · 2023-05-30T16:10:17.000Z

There used to be a hook for this in wangle::SSLContextConfig, but it was removed in facebook/wangle@398695a

Answer 2 · 2023-05-30T16:10:30.000Z

CC: @AjanthanAsogamoorthy

Answer 3 · 2023-05-30T16:22:02.000Z

I have found two functions in folly::SSLContext; folly::SSLContext::setServerNameCallback() & folly::SSLContext::addClientHelloCallback(), which purposes my functionality, but to use those I must use folly::AsyncSSLSocket::sslAccept to accept the connection instead of using Fizz.
But I don't know how to use it properly, or its with a bug, folly::AsyncSSLSocket::sslAccept(). And I have raised it as an issue in Facebook::folly github group.https://github.com/facebook/folly/issues/2007. Help me fix this issue.