RE: simple server with using openssl
> From: owner-openssl-us...@openssl.org On Behalf Of Matthias Apitz > Sent: Sunday, 07 October, 2012 02:36 > El día Saturday, October 06, 2012 a las 01:37:06PM -0400, > Indtiny s escribió: > > > Hi, > > Thanks for the information .. I get the server part from > the this link > > http://www.rtfm.com/openssl-examples/ > > I started the server but I am getting the following error > when I am trying > > You did not say exactly which 'server' you started, perhaps the > 'wserver' from the openssl-examples-20020110 > > > run the client by $curl http://127.0.0.1:8080 > > you should use an SSL client, for example 'wclient' from the > examples or > the openssl' s_client; > Or, if it's a web/https server, curl with https://whatever . Aside: port 8080 for https is confusing, that's often used (though not reserved) for http-clear. 8443 would be better. > > > > AT the server side : > > > > 3078153864:error:140EC0AF:SSL > routines:SSL2_READ_INTERNAL:non sslv2 initial > > packet:s2_pkt.c:187: > > I think this is normal, because you did not contacted the server with > some SSL client; > Also it appears this server is doing only SSLv2. That's a bad idea nowadays; although SSLv2 was thought good enough in its day, flaws have since been found; some clients (notably Java) and most if not all scans (and checklists) may refuse it, or at least warn noisily. Get a server that does at least SSLv3, and TLSv1.0 is better. TLSv1.1 or v1.2 is better yet, but in openssl only in 1.0.1, and not yet too widespread in clients. (Of course openssl server can support a range, selecting whatever each client needs.) > > > > At the client side : > > > > curl: (56) Recv failure: Connection reset by peer > > normal too; > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: simple server with using openssl
Hi, Thanks.. I tried that it works ... Now let me know how to use it for my application .. I need a very simple webserver which receive the* https post and ge*t request from any *external client* . and provide proper response to the client .. In my application maximum clients would be two . Can you pls tell me , what are the necessary chages I need to look in to the openssl server code in order obtain the above features. . Rgds Indu
Re: simple server with using openssl
El día Saturday, October 06, 2012 a las 01:37:06PM -0400, Indtiny s escribió: > Hi, > Thanks for the information .. I get the server part from the this link > http://www.rtfm.com/openssl-examples/ > I started the server but I am getting the following error when I am trying You did not say exactly which 'server' you started, perhaps the 'wserver' from the openssl-examples-20020110 > run the client by $curl http://127.0.0.1:8080 you should use an SSL client, for example 'wclient' from the examples or the openssl' s_client; > > AT the server side : > > 3078153864:error:140EC0AF:SSL routines:SSL2_READ_INTERNAL:non sslv2 initial > packet:s2_pkt.c:187: I think this is normal, because you did not contacted the server with some SSL client; > > At the client side : > > curl: (56) Recv failure: Connection reset by peer normal too; HIH matthias -- Matthias Apitz | /"\ ASCII Ribbon Campaign: www.asciiribbon.org E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | X - No proprietary attachments phone: +49-170-4527211 | / \ - Respect for open standards __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: simple server with using openssl
have a look at this thread https://groups.google.com/forum/?fromgroups=#!topic/mailing.openssl.users/-t7KRH-8phs Since this is not related to dev i have removed openssl-dev from list. On Thu, Oct 4, 2012 at 10:14 PM, Indtiny s wrote: > Hi, > > I need a TLS security based server which can handle request from few > clients (max 4) . at the client side I just curl client and post or put > https request . > > at the the server side I need to receive those request and pass to the my > CGI . > > Can somebody suggest how to start this server application using openssl > ..? it could be better if I can get some start up code/docs . > > Rgds > Indu >