On Thu, Feb 01, 2007 at 01:44:05AM +0100, Bertram Scharpf wrote:
> > Can openssl be used for HTTP communication without using SSL if in the
> > future we are going to SSL communication to our project?
>
> You should consider using SSL right from the start. There
> are loads of key generation howtos on the web. I'm running
> Apache on Gentoo here and it worked right from the start.
> Just say "openssl s_client ..." instead of "telnet ..." on
> the client side.
Really, stunnel is a more a appropriate protocol adaptor than "s_client".
OpenSSL does not have any NOOP ciphers, the least you can do is skip
encryption and authentication, but still do a DH exchange and per-message
MAC. This requires OpenSSL 0.9.9
$ openssl ciphers -v eNULL+aNULL
AECDH-NULL-SHA SSLv3 Kx=ECDH Au=None Enc=None Mac=SHA1
Though this can be read by a human from a packet dump, it is not
interoperable with non-SSL applications.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
