hi,
my tool is communicating with a TCP server (not HTTP!). I am using the "net" module for this and it works very well. Now i would like to secure the communication. The communication should be done SSL secured, additionally i would like to implement client certificate authentication. For Nim i am only interested in the client part (the server in this case is simply HAProxy). Getting this to work means, that my client implemented with Nim would have to configure the SSL client certificate somehow, but i am unsure, if that is even possible with either the "net" or the "rawsocket" module? Any ideas?
thanks!
There are some procedures in the net module which deal with SSL. They are unfortunately not in the documentation (I just created an issue for this).
What you need to use is newContext (https://github.com/Araq/Nim/blob/devel/lib/pure/net.nim#L172) and wrapSocket (https://github.com/Araq/Nim/blob/devel/lib/pure/net.nim#L217).
thanks very much! very appreciated ... couldn't test it yet, though, because as soon as i specify "-d:ssl" when compiling the tool, it will not longer run, dies with a "SIGSEGV: Illegal storage access." in a line, that has nothing to do with SSL at all and works perfectly fine without ssl enabled ... mmm have to figure out what's wrong there ...
regarding client certificate: i'll post a follow-up as soon as i got it to run. thanks again!
for some reason i am unable to use "os.splitFile" and "os.extractFilename" as soon as i specify "-d:ssl" ... at least the tool is working again when i do not use any of those functions. my knowledge of Nim & tools is not deep enough to dig any further ...
... but: using SSL and the SSL client certification authentication works!!! i am SO happy! :-)