RFC7250 - RawPublicKey - No Suitable Certificate? #186
Labels
enhancement
New feature or request
Comments
|
Empty client certificate list back to the server works for me. |
boaks
added a commit
to boaks/tinydtls
that referenced
this issue
Aug 26, 2024
Use empty client certificate, if a certificate is requested but no certificate is available. Issue eclipse#186 Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
boaks
added a commit
to boaks/tinydtls
that referenced
this issue
Aug 26, 2024
Use empty client certificate, if a certificate is requested but no certificate is available. Issue eclipse#186 Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
boaks
added a commit
that referenced
this issue
Aug 28, 2024
Use empty client certificate, if a certificate is requested but no certificate is available. Issue #186 Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm currently on testing the interoperability of the OpenSSL - RPK PR.
If the client has "no suitable certificate", the current implementation in "main" branch aborts the handshake.
dtls.c: check_server_hellodone
An alternative approach would be, to implement RFC 5246 - 7.4.6 - Client Certificate :
That enables an server to decide to continue or abort.
Any opinions?
The text was updated successfully, but these errors were encountered: