Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

HTTPS com mTLS

Certificados

Gerar certificados:

# Servidor
openssl req -x509 -newkey ed25519 -noenc -keyout server.key -out server.crt -subj '/CN=localhost' -addext 'subjectAltName=DNS:localhost' -days 365

# Cliente
openssl req -x509 -newkey ed25519 -noenc -keyout client.key -out client.crt -subj '/CN=client' -days 365

Servidor

Executar servidor de exemplo com OpenSSL:

openssl s_server -port 4433 -www -cert server.crt -key server.key -CAfile client.crt -Verify 1 -verify_return_error

Cliente

Realizar requisições:

# cURL
curl -v --cacert server.crt --cert client.crt --key client.key https://localhost:4433/

# HTTPie
http -v --cert=client.crt --cert-key=client.key --verify=server.crt https://localhost:4433/