Using ssl/mod_ssl on non-apache HTTP server
Hi - I'm new to ssl/mod_ssl so please forgive me if this post is out in left field. I have a new contract to develop secure TCP/IP communication between many customer sites. I have prototyped a non-secure HTTP server/client system written in Perl. My client likes it - but he demands high- level security. In my years of web programming, there has always been the 'security' guy around to take care of these 'details' for me, but now I am him... :) I have been plowing through the Openssl, Perl modules (Net::SSLeay, etc.) documentation, but it's slow going and it hasn't 'clicked' yet for me. Do any of you have suggestions of other resources that might help me? HOWTOs, FAQs, Articles, Books, anything? Aloha = Beau. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Using ssl/mod_ssl on non-apache HTTP server
Wait! Please ignore (for now) my recent post (below). A friend just suggested CPAN's IO::Socket::SSL - which, on first look, my solve my problems. Sorry to have wasted bandwidth and your time. Aloha = Beau; -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Beau E. Cox Sent: Tuesday, February 25, 2003 11:34 PM To: [EMAIL PROTECTED] Subject: Using ssl/mod_ssl on non-apache HTTP server Hi - I'm new to ssl/mod_ssl so please forgive me if this post is out in left field. I have a new contract to develop secure TCP/IP communication between many customer sites. I have prototyped a non-secure HTTP server/client system written in Perl. My client likes it - but he demands high- level security. In my years of web programming, there has always been the 'security' guy around to take care of these 'details' for me, but now I am him... :) I have been plowing through the Openssl, Perl modules (Net::SSLeay, etc.) documentation, but it's slow going and it hasn't 'clicked' yet for me. Do any of you have suggestions of other resources that might help me? HOWTOs, FAQs, Articles, Books, anything? Aloha = Beau. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Using ssl/mod_ssl on non-apache HTTP server
Take a look at the code of Webmin, it uses a Perl based webserver that can use SSL if available. http://www.webmin.com I have a chapter online introducing the main SSL concepts, it is focused on apache but it should be useful for the basics: http://www.apacheworld.org/ty24/ then, for the programming side of things, this is a good book: http://www.amazon.com/exec/obidos/tg/detail/-/059600270X As a reference book, I found this one invaluable: http://www.amazon.com/exec/obidos/tg/detail/-/0201615983 Cheers Daniel Hi - I'm new to ssl/mod_ssl so please forgive me if this post is out in left field. I have a new contract to develop secure TCP/IP communication between many customer sites. I have prototyped a non-secure HTTP server/client system written in Perl. My client likes it - but he demands high- level security. In my years of web programming, there has always been the 'security' guy around to take care of these 'details' for me, but now I am him... :) I have been plowing through the Openssl, Perl modules (Net::SSLeay, etc.) documentation, but it's slow going and it hasn't 'clicked' yet for me. Do any of you have suggestions of other resources that might help me? HOWTOs, FAQs, Articles, Books, anything? Aloha = Beau. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]