Windows support for nocrypto


I’ve spent a pretty significant time trying to get a web server project to compile on Windows.
It uses ocaml-tls, http/af, ocaml-h2 and ocaml-jwt which have proven to be quite difficult.

The last step that I’ve worked on the last few days is to get nocrypto to work on Windows.
I opened this PR to the nocrypto project that is a initially working version. I know that the code can’t be merged in its current state but at least it’s out there for discussion.

With these changes I have a project that in theory can serve web pages over https, but since I’m using ocaml-h2 eliptic curves are needed in ocaml-tls before I can use that all the way.

If anyone is interested this is the project that I’m working on while doing this. I’m using the esy package manager and the Windows-specific stuff is in windows.json which basically extends the esy.json.

I’ll start a move to ocaml-ssl of the project but will still need nocrypto for jwt. I am however doing Windows support mostly for fun and to unlock more developers to find these amazing languages so I’m not in anyway blocked by this.


Hi Ulrik, this is a cool achievement. I remember, in summer '18 I made a web server on Windows based on cohttp, lwt, and dune (and about 40 transitive dependencies). Back then http/af didn’t have lwt support, so it was far away from being able to run on Windows, so I’m really glad to hear that it works now.

1 Like

this is nice! I briefly looked into your RNG integration code for windows, and left a comment.

there is (unreleased) ECC code, interfacing fiat (mirage/fiat) and hacl (mirage/hacl) – which is used by my OCaml-TLS 1.3 branch. This will hopefully end up in opam-repository soon.


Thanks for the comments! I’ll update the PR when I have time, also left a answer on GitHub.

The 1.3 branch is super interesting since I’m having issues compiling openssl statically for my Docker container.

ocaml-tls will definitely support static linking via dune when that’s merged, since it’s necessary for MirageOS compilation to embedded targets like xen/solo5.