SSL certificates error with websockets client connecting to localhost

vivanov · February 7, 2026, 4:04pm

Hey, I am getting an error when using the cohttp_async_websocket package. I am connecting to localhost

(monitor.ml.Error
 (Ssl_error ("error:0A000086:SSL routines::certificate verify failed")
  src/ssl.ml:201:20)
 ("Called from Core__Error.failwiths in file \"core/src/error.ml\", line 5, characters 2-50"
  "Caught by monitor ssl_pipe"))

I would do this in python to ignore SSL certificates for a particular connection. Is there anything similar?

ssl_context = ssl._create_unverified_context()

vivanov · February 7, 2026, 4:04pm

@jrfondren do you maybe know how to fix this?

jrfondren · February 7, 2026, 4:21pm

With Merlin or an LSP you can have a key bound to take you to the implementation of a function. What I’d do is start there, copying Client.create into a new function that takes an Ssl.socket that can be set up appropriately.

Client.create as written doesn’t have a workaround. To put it nicely it’s a convenient and high-level interface with only the one override in hostname_for_ssl.

If you don’t want to do that, and if you only want this for testing, try testing with a VPS and a valid SSL.

vivanov · February 7, 2026, 10:27pm

I did the following:

I created my own certificate, i.e. ~/Downloads/unknown.pem
used Firefox to download it after opening my localhost page
run the following command:

export SSL_CERT_FILE=~/Downloads/unknown.pem
dune exec -- ./_build/default/bin/ws_client.exe

it worked

Topic		Replies	Views
Cohttp client tls exception Learning lwt , cohttp	3	1380	March 7, 2020
SSL error using Cohttp_async Ecosystem	5	1530	November 14, 2018
Help debug ocaml async websocket echo client Learning async , websocket	2	42	February 7, 2026
Adding cert to Cohttp_lwt_unix client? Learning	11	633	March 11, 2024
Ocaml-ssl, Unix.select and zero return Community ssl	2	849	May 31, 2019

SSL certificates error with websockets client connecting to localhost

Related topics