Configure asio context to use tls

Question

Can you tell me (or show code which is better) how to configure boost::asio::ssl::context to work properly with TLS? I use websocket-server (websocket++) which uses boost::asio to configure. What options should I set to make it works? I know that I should set

context_ptr ctx = websocketpp::lib::make_shared<boost::asio::ssl::context>(boost::asio::ssl::context::sslv23);
ctx->set_options(boost::asio::ssl::context::default_workarounds);

to work with sslv23 and higher (including my TLS). I want to set somehow to server my RSA key that I hold in memory. Websockets must also set up it somehow to pass this TLS auth. And how can I set this needed parameters in websockets?

ps: sorry for dummy questions

Answer 1

WebSocket++ uses a policy-based approach to enable TLS support on an endpoint. The configuration policy for Boost.Asio TLS support is in the websocketpp/config/asio.hpp header file. Upon including it, instantiating a server with the websocketpp::config::asio_tls policy will allow one to provide boost::asio::ssl::context through a callback provided to set_tls_init_handler():

websocketpp::lib::shared_ptr<boost::asio::ssl::context> on_tls_init(
    websocketpp::connection_hdl
)
{
  auto ctx = websocketpp::lib::make_shared<boost::asio::ssl::context>(
      boost::asio::ssl::context::sslv23);
  // ... configure ctx as desired
  return ctx;
}

int main()
{
  using websocketpp::lib::placeholders::_1;
  using websocketpp::lib::bind;

  // Create server with Asio TLS configuration.
  websocketpp::server<websocketpp::config::asio_tls> server;
  server.init_asio();

  // Set the handler which will return the `ssl::context`.
  server.set_tls_init_handler(bind(&on_tls_init, _1));

  // set other handlers, listen, accept, run, etc...
}

See the official echo_server_tls example for a complete example on WebSocket++ TLS support.