This is the mail archive of the ecos-discuss@sourceware.org mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Re: Using openssl for HTTPS


Thanks again Kevin,
I've left them all checked for the moment till I get it working.
Then I plan to trim down what I can.
To get the certificate and key in I'm using SSL_CTX_use_certificate_ASN1
and SSL_CTX_use_RSAPrivateKey_ASN1 as they could both take memory resident
values (prefer not to use any files). These two functions taking the same
parameters but in different order didn't help either.

I followed this site (among others) to generate certificates and keys :
http://www.eclectica.ca/howto/ssl-cert-howto.php
which I converted to DER types.
Not sure this helps but might help others :
http://www.mobilefish.com/developer/openssl/openssl_quickguide_command_examp
les.html
has an interesting flow diagram.

			...Laurie:{)


> -----Original Message-----
> From: ecos-discuss-owner@ecos.sourceware.org [mailto:ecos-discuss-
> owner@ecos.sourceware.org] On Behalf Of Kelvin Lawson
> Sent: Monday, 2 November 2009 7:58 PM
> To: ecos-discuss@sources.redhat.com
> Subject: [ECOS] Re: Using openssl for HTTPS
> 
> Hi Laurie,
> 
> > Thanks for the speedy reply.
> > Unfortunately I'd already seen (and have tried to follow) that page.
> > Now that I've slept on it I realized that I had unchecked some of the
> > algorithms in the openSSL package. I've just put them all back in
> > (suffering quite an increase in code size) but at least the
> SSL_CTX_new
> > now passes and the complaint is now about my private key.
> >
> > Does anyone know which algorithms are needed (or conversely which
> > ones can be unchecked) for SSL to still work?
> 
> Looking back at my notes, I had everything under OpenSSL enabled except
> CYGPKG_OPENSSL_RC5 and CYGPKG_DES_READ_PWD. Some of these will be
> unnecessary but I was also experimenting with other techniques at the
> time. With this configuration the 'wserver' example I mentioned works
> perfectly.
> 
> Regards,
> Kelvin.
> 
> 
> 
> >> -----Original Message-----
> >> From: ecos-discuss-owner@ecos.sourceware.org [mailto:ecos-discuss-
> >> owner@ecos.sourceware.org] On Behalf Of Kelvin Lawson
> >> Sent: Saturday, 31 October 2009 1:20 AM
> >> To: ecos-discuss@sources.redhat.com
> >> Subject: [ECOS] Re: Using openssl for HTTPS
> >>
> >> Hi Laurie,
> >>
> >>> Does anyone have a working example they can share?
> >>> If the example happens to go into the certificates and keys (their
> >> setup,
> >>> format and functions that use them) that would be really excellent.
> >> A good example is the "wserver" code available from:
> >> http://www.rtfm.com/openssl-examples/
> >>
> >> Regards,
> >> Kelvin.
> >>
> >>
> >> --
> >> Before posting, please read the FAQ:
> >> http://ecos.sourceware.org/fom/ecos
> >> and search the list archive: http://ecos.sourceware.org/ml/ecos-
> discuss
> >
> >
> 
> 
> --
> Before posting, please read the FAQ:
> http://ecos.sourceware.org/fom/ecos
> and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


-- 
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]