ded/cpp-httplib
1
0
Fork 0
mirror of https://github.com/yhirose/cpp-httplib.git synced 2026-04-11 19:28:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
529dafdee36dbcf33ad8d914e4ce755a953736f2
cpp-httplib/docs-src/pages/en/cookbook/t01-tls-backends.md
yhirose 529dafdee3 Add Cookbook other topics (draft)
2026-04-10 19:02:44 -04:00

2.1 KiB
Raw Blame History

title, order, status
title order status
T01. Choosing Between OpenSSL, mbedTLS, and wolfSSL 42 draft

cpp-httplib doesn't ship its own TLS implementation — it uses one of three backends that you pick at build time via a macro.

Backend Macro Character
OpenSSL CPPHTTPLIB_OPENSSL_SUPPORT Most widely used, richest feature set
mbedTLS CPPHTTPLIB_MBEDTLS_SUPPORT Lightweight, aimed at embedded
wolfSSL CPPHTTPLIB_WOLFSSL_SUPPORT Embedded-friendly, commercial support available

Build-time selection

Define the macro for your chosen backend before including httplib.h:

#define CPPHTTPLIB_OPENSSL_SUPPORT
#include <httplib.h>

You'll also need to link against the backend's libraries (libssl, libcrypto, libmbedtls, libwolfssl, etc.).

Which to pick

When in doubt, OpenSSL
It has the most features and the best documentation. For normal server use or Linux desktop apps, start here — you probably won't need anything else.

To shrink binary size or target embedded
mbedTLS or wolfSSL are a better fit. They're far more compact than OpenSSL and run on memory-constrained devices.

When you need commercial support
wolfSSL offers commercial licensing and support. If you're shipping in a product, it's worth considering.

Supporting multiple backends

The usual approach is to treat each backend as a build variant and recompile the same source with different macros. cpp-httplib smooths over most of the API differences, but the backends are not 100% identical — always test.

APIs that work across all backends

Certificate verification control, standing up an SSLServer, reading the peer certificate — these all share the same API across backends:

  • T02. Control SSL Certificate Verification
  • T03. Start an SSL/TLS Server
  • T05. Access the Peer Certificate on the Server Side

Note: On macOS with an OpenSSL-family backend, cpp-httplib automatically loads root certificates from the system keychain (via CPPHTTPLIB_USE_CERTS_FROM_MACOSX_KEYCHAIN, on by default). To disable this, define CPPHTTPLIB_DISABLE_MACOSX_AUTOMATIC_ROOT_CERTIFICATES.

Reference in New Issue View Git Blame Copy Permalink