From a8c26442b8e74c576cdcd6355f5adeed5f1f5292 Mon Sep 17 00:00:00 2001 From: Razvan Grigore Date: Thu, 4 Sep 2025 17:43:04 +0200 Subject: [PATCH] Add beginSslWithClientKey --- src/WebSocketsClient.cpp | 17 ++++++++++++++--- src/WebSocketsClient.h | 3 +++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/WebSocketsClient.cpp b/src/WebSocketsClient.cpp index 60a47d3..c8181e8 100644 --- a/src/WebSocketsClient.cpp +++ b/src/WebSocketsClient.cpp @@ -128,6 +128,12 @@ void WebSocketsClient::beginSslWithCA(const char * host, uint16_t port, const ch _CA_bundle = NULL; } +void WebSocketsClient::beginSslWithClientKey(const char * host, uint16_t port, const char * url, const char * CA_cert, const char * clientCert, const char * clientPrivateKey, const char * protocol) { + _client_cert = clientCert; + _client_key = clientPrivateKey; + beginSslWithCA(host, port, url, CA_cert, protocol); +} + #if defined(ESP32) && ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) void WebSocketsClient::beginSslWithBundle(const char * host, uint16_t port, const char * url, const uint8_t * CA_bundle, size_t CA_bundle_size, const char * protocol) { begin(host, port, url, protocol); @@ -256,8 +262,13 @@ void WebSocketsClient::loop(void) { _client.ssl = new WEBSOCKETS_NETWORK_SSL_CLASS(); _client.tcp = _client.ssl; if(_CA_cert) { - DEBUG_WEBSOCKETS("[WS-Client] setting CA certificate"); + DEBUG_WEBSOCKETS("[WS-Client] setting CA certificate\n"); #if defined(ESP32) + if(_client_cert && _client_key) { + _client.ssl->setCertificate(_client_cert); + _client.ssl->setPrivateKey(_client_key); + DEBUG_WEBSOCKETS("[WS-Client] no client certificate and key set\n"); + } _client.ssl->setCACert(_CA_cert); #elif defined(ESP8266) && defined(SSL_AXTLS) _client.ssl->setCACert((const uint8_t *)_CA_cert, strlen(_CA_cert) + 1); @@ -272,7 +283,7 @@ void WebSocketsClient::loop(void) { #endif #if defined(ESP32) } else if(_CA_bundle) { - DEBUG_WEBSOCKETS("[WS-Client] setting CA bundle"); + DEBUG_WEBSOCKETS("[WS-Client] setting CA bundle\n"); #if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) _client.ssl->setCACertBundle(_CA_bundle, _CA_bundle_size); #else @@ -288,7 +299,7 @@ void WebSocketsClient::loop(void) { } if(_client_cert && _client_key) { _client.ssl->setClientRSACert(_client_cert, _client_key); - DEBUG_WEBSOCKETS("[WS-Client] setting client certificate and key"); + DEBUG_WEBSOCKETS("[WS-Client] setting client certificate and key\n"); #endif } } else { diff --git a/src/WebSocketsClient.h b/src/WebSocketsClient.h index 8294b3c..47007db 100644 --- a/src/WebSocketsClient.h +++ b/src/WebSocketsClient.h @@ -55,6 +55,7 @@ class WebSocketsClient : protected WebSockets { void setSSLClientCertKey(const char * clientCert = NULL, const char * clientPrivateKey = NULL); #endif void beginSslWithCA(const char * host, uint16_t port, const char * url = "/", const char * CA_cert = NULL, const char * protocol = "arduino"); + void beginSslWithClientKey(const char * host, uint16_t port, const char * url, const char * CA_cert, const char * clientCert, const char * clientPrivateKey, const char * protocol); #ifdef ESP32 #if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) void beginSslWithBundle(const char * host, uint16_t port, const char * url = "/", const uint8_t * CA_bundle = NULL, size_t CA_bundle_size = 0, const char * protocol = "arduino"); @@ -122,6 +123,8 @@ class WebSocketsClient : protected WebSockets { String _fingerprint; const char * _CA_cert; const uint8_t * _CA_bundle; + const char * _client_cert; + const char * _client_key; #if defined(ESP32) #if ESP_ARDUINO_VERSION >= ESP_ARDUINO_VERSION_VAL(3, 0, 4) size_t _CA_bundle_size;