-
Notifications
You must be signed in to change notification settings - Fork 0
aseemsethi/openssl-api
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
OPENSSL API Examples Compile all examples with "make" 1) Client.c : A simple SSL Client that does a HTTP GET from a server, running using "openssl s_server -WWW command. Code modifed from linux.die.net/man/3/bio_new_ssl_connect code example for using OpenSSL API. 2) client_tcp.c: Use native TCP/IP socket as FD of SSL_NEW structure. This is other way, we can bring up a SSL connection. 3) mem.c: This program tries the Memory BIO. 4) read_mem.c: This program tries the Memory BIO. Generation of Keys for openssl_s: (ref: akadia.com/services/ssh_test_certificate.html) Generate 1024 bit Private Key, which is encrypted using triple DES $ openssl genrsa -des3 -out server.key 1024 Generate a CSR - enter various details like Org Name, etc. $ openssl req -new -key server.key -out server.csr Remove passphrase from Key - removed triple des encrption from key. This ensures that if the server.cert/server.key pair is used in Apache, it will not ask for password whenever web server is started. $ cp server.key server.key.org $ openssl rsa -in server.key.org -out server.key Generate a Sel-Signed Certificate $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt At the End of the above excercise the pair server.crt and server.key are used in any SSL Server like Apache Server. Testing the SSL Client program: To Test the SSL Client program, openssl_s test server was used as follows Start Server openssl0.9.8x is used in this example as a server. $ openssl s_server -key server.key -cert server.crt -debug -state -msg -WWW The -WWW starts a simple Web Server, and retrives files relative to where the openssl_s is started from. The Keys are generated as explained above: 1) server.key - private key 1) server.cert - Self Signed Certificate 1) Flags - -debug -state -msg Note: create a file called index.html in the same directory, where "openssl s_server -WWW" is started. The client does a HTTP Get for this file in the example code. Start Client ./client Note; server.crt is the Public Cert that is needed at the client, for Certificate verification. Copy the file into the directory, from where the client is being run.
About
Testing some openssl APIs
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published