@@ -122,19 +122,27 @@ void WebSocketsClient::beginSSL(const char * host, uint16_t port, const char * u
122122 _fingerprint = fingerprint;
123123 _CA_cert = NULL ;
124124}
125- void WebSocketsClient::beginSslWithCA (const char * host, uint16_t port, const char * url, const char * CA_cert, const char * protocol) {
126- begin (host, port, url, protocol);
127- _client.isSSL = true ;
128- _fingerprint = SSL_FINGERPRINT_NULL;
129- _CA_cert = new BearSSL::X509List (CA_cert);
130- }
131125
132126void WebSocketsClient::beginSslWithCA (const char * host, uint16_t port, const char * url, BearSSL::X509List * CA_cert, const char * protocol) {
133127 begin (host, port, url, protocol);
134128 _client.isSSL = true ;
135129 _fingerprint = SSL_FINGERPRINT_NULL;
136130 _CA_cert = CA_cert;
137131}
132+
133+ void WebSocketsClient::beginSslWithCA (const char * host, uint16_t port, const char * url, const char * CA_cert, const char * protocol) {
134+ beginSslWithCA (host, port, url, new BearSSL::X509List (CA_cert), protocol);
135+ }
136+
137+ void WebSocketsClient::setSSLClientCertKey (BearSSL::X509List * clientCert, BearSSL::PrivateKey * clientPrivateKey) {
138+ _client_cert = clientCert;
139+ _client_key = clientPrivateKey;
140+ }
141+
142+ void WebSocketsClient::setSSLClientCertKey (const char * clientCert, const char * clientPrivateKey) {
143+ setSSLClientCertKey (new BearSSL::X509List (clientCert), new BearSSL::PrivateKey (clientPrivateKey));
144+ }
145+
138146#endif // SSL_AXTLS
139147#endif // HAS_SSL
140148
@@ -148,7 +156,7 @@ void WebSocketsClient::beginSocketIO(String host, uint16_t port, String url, Str
148156}
149157
150158#if defined(HAS_SSL)
151- void WebSocketsClient::beginSocketIOSSL (const char * host, uint16_t port, const char * url, const char * protocol) {
159+ void WebSocketsClient::beginSocketIOSSL (const char * host, uint16_t port, const char * url, const char * protocol) {
152160 begin (host, port, url, protocol);
153161 _client.isSocketIO = true ;
154162 _client.isSSL = true ;
@@ -159,17 +167,29 @@ void WebSocketsClient::beginSocketIOSSL(String host, uint16_t port, String url,
159167 beginSocketIOSSL (host.c_str (), port, url.c_str (), protocol.c_str ());
160168}
161169
162- void WebSocketsClient::beginSocketIOSSLWithCA (const char * host, uint16_t port, const char * url, const char * CA_cert, const char * protocol) {
170+ #if defined(SSL_BARESSL)
171+ void WebSocketsClient::beginSocketIOSSLWithCA (const char * host, uint16_t port, const char * url, BearSSL::X509List * CA_cert, const char * protocol) {
163172 begin (host, port, url, protocol);
164173 _client.isSocketIO = true ;
165174 _client.isSSL = true ;
166175 _fingerprint = SSL_FINGERPRINT_NULL;
167- #if defined(SSL_AXTLS)
168176 _CA_cert = CA_cert;
169- #else
177+ }
178+ #endif
179+
180+ void WebSocketsClient::beginSocketIOSSLWithCA (const char * host, uint16_t port, const char * url, const char * CA_cert, const char * protocol) {
181+ begin (host, port, url, protocol);
182+ _client.isSocketIO = true ;
183+ _client.isSSL = true ;
184+ _fingerprint = SSL_FINGERPRINT_NULL;
185+ #if defined(SSL_BARESSL)
170186 _CA_cert = new BearSSL::X509List (CA_cert);
187+ #else
188+ _CA_cert = CA_cert;
171189#endif
172190}
191+
192+
173193#endif
174194
175195#if (WEBSOCKETS_NETWORK_TYPE != NETWORK_ESP8266_ASYNC)
@@ -213,6 +233,10 @@ void WebSocketsClient::loop(void) {
213233 _client.ssl ->setFingerprint (_fingerprint);
214234 } else {
215235 _client.ssl ->setInsecure ();
236+ }
237+ if (_client_cert && _client_key) {
238+ _client.ssl ->setClientRSACert (_client_cert, _client_key);
239+ DEBUG_WEBSOCKETS (" [WS-Client] setting client certificate and key"
216240#endif
217241 }
218242 } else {
0 commit comments