This is the mail archive of the
ecos-discuss@sourceware.org
mailing list for the eCos project.
RE: Re: Using openssl for HTTPS
- From: "Laurie Gellatly" <laurie dot gellatly at netic dot com>
- To: <ecos-discuss at sources dot redhat dot com>
- Date: Mon, 2 Nov 2009 21:22:09 +1100
- Subject: RE: [ECOS] Re: Using openssl for HTTPS
- References: <471205.59207.qm@web51906.mail.re2.yahoo.com> <20091019104557.GA19013@sg-ubuntu.local> <964415.68782.qm@web51911.mail.re2.yahoo.com> <20091019135211.GA17646@sg-ubuntu.local> <404723.91676.qm@web51903.mail.re2.yahoo.com> <20091024123837.GA3998@sg-laptop> <738229.12555.qm@web51906.mail.re2.yahoo.com> <20091025132007.GA4436@sg-laptop> <005101ca5622$d9bf4c30$8d3de490$@gellatly@netic.com> <46171.9697145329$1256910809@news.gmane.org> <hcesn2$478$1@ger.gmane.org> <26103.8444740281$1256938790@news.gmane.org> <hcm6vg$1md$1@ger.gmane.org>
- Reply-to: <laurie dot gellatly at netic dot com>
Thanks again Kevin,
I've left them all checked for the moment till I get it working.
Then I plan to trim down what I can.
To get the certificate and key in I'm using SSL_CTX_use_certificate_ASN1
and SSL_CTX_use_RSAPrivateKey_ASN1 as they could both take memory resident
values (prefer not to use any files). These two functions taking the same
parameters but in different order didn't help either.
I followed this site (among others) to generate certificates and keys :
http://www.eclectica.ca/howto/ssl-cert-howto.php
which I converted to DER types.
Not sure this helps but might help others :
http://www.mobilefish.com/developer/openssl/openssl_quickguide_command_examp
les.html
has an interesting flow diagram.
...Laurie:{)
> -----Original Message-----
> From: ecos-discuss-owner@ecos.sourceware.org [mailto:ecos-discuss-
> owner@ecos.sourceware.org] On Behalf Of Kelvin Lawson
> Sent: Monday, 2 November 2009 7:58 PM
> To: ecos-discuss@sources.redhat.com
> Subject: [ECOS] Re: Using openssl for HTTPS
>
> Hi Laurie,
>
> > Thanks for the speedy reply.
> > Unfortunately I'd already seen (and have tried to follow) that page.
> > Now that I've slept on it I realized that I had unchecked some of the
> > algorithms in the openSSL package. I've just put them all back in
> > (suffering quite an increase in code size) but at least the
> SSL_CTX_new
> > now passes and the complaint is now about my private key.
> >
> > Does anyone know which algorithms are needed (or conversely which
> > ones can be unchecked) for SSL to still work?
>
> Looking back at my notes, I had everything under OpenSSL enabled except
> CYGPKG_OPENSSL_RC5 and CYGPKG_DES_READ_PWD. Some of these will be
> unnecessary but I was also experimenting with other techniques at the
> time. With this configuration the 'wserver' example I mentioned works
> perfectly.
>
> Regards,
> Kelvin.
>
>
>
> >> -----Original Message-----
> >> From: ecos-discuss-owner@ecos.sourceware.org [mailto:ecos-discuss-
> >> owner@ecos.sourceware.org] On Behalf Of Kelvin Lawson
> >> Sent: Saturday, 31 October 2009 1:20 AM
> >> To: ecos-discuss@sources.redhat.com
> >> Subject: [ECOS] Re: Using openssl for HTTPS
> >>
> >> Hi Laurie,
> >>
> >>> Does anyone have a working example they can share?
> >>> If the example happens to go into the certificates and keys (their
> >> setup,
> >>> format and functions that use them) that would be really excellent.
> >> A good example is the "wserver" code available from:
> >> http://www.rtfm.com/openssl-examples/
> >>
> >> Regards,
> >> Kelvin.
> >>
> >>
> >> --
> >> Before posting, please read the FAQ:
> >> http://ecos.sourceware.org/fom/ecos
> >> and search the list archive: http://ecos.sourceware.org/ml/ecos-
> discuss
> >
> >
>
>
> --
> Before posting, please read the FAQ:
> http://ecos.sourceware.org/fom/ecos
> and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss