Set up the server certificate
Generate the server certificate and configure the DTLS transport to use it
Generating the server certificate
The server certificate and private key can be generated using OpenSSL.
Windows Users
If you’re on Windows and need to install OpenSSL, you can grab pre-compiled binaries from Shining Light. The Win64 OpenSSL Light installer has everything you’ll need.To generate a certificate, run the following command:
openssl req -x509 -newkey rsa:2048 -sha256 -days 36500 -nodes -subj "/C=US/CN=SnapNet" -out server-cert.pem -keyout server-key.pem
This will output two files, server-cert.pem and server-key.pem, in the directory in which you ran the preceding command. These are the public server certificate and the private server key, respectively.
Configuring the DTLS transport
Place the
server-cert.pem and server-key.pem files in <Game>/Content/SnapNet where <Game> is the folder that contains your .uproject file. The SnapNet plugin will automatically package the certificate in all builds but will only package the key in dedicated server builds. The certificate and key will automatically be used by the DTLS transport when present. Note that the filenames must match exactly or they will not be found by the plugin.
Warning
Take care to ensure that the private key is only available in server builds and is never present in any build you distribute, even if it is never used.Read the .pem files into standard C strings and use the snapnet_transport_dtls_set_certificate function, specifying the DTLS transport created for the given client or server, the certificate and, on the server-side, the private key. This can be called anytime prior to calling snapnet_server_start() or snapnet_client_connect().
// For servers
snapnet_transport_dtls_set_certificate( transport, certificate_pem, private_key_pem );
snapnet_server_start( server );
// For clients
snapnet_transport_dtls_set_certificate( transport, certificate_pem, NULL );
snapnet_client_connect( client );