On Sat, May 30, 2020 at 11:54 AM Nicolas Mora via curl-library <[email protected]> wrote: > > I'm trying to use self-signed client certificates in TLS handshakes > between libcurl and libmicrohttpd. > > So far I'm not able to retrieve the client certificate on the server > side if the client certificate isn't signed by the server CA. I try to > narrow down where the limitation comes from. > > Is it possible with libcurl to use a self-signed client certificate? > CURLOPT_SSLCERT documentation doesn't provide information about that.
Origin Bound Certificates are the "tear-off" certificates that are produced on demand by the client (http://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final162.pdf). I think it is currently called Token Binding under IETF (https://tools.ietf.org/html/draft-ietf-tokbind-protocol). I am not sure how closely Token Binding follows Origin Bound Certificates. Jeff ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
