From 59496b8f47ef1ceb7564ea5a052a57018374029f Mon Sep 17 00:00:00 2001 From: m0gg Date: Wed, 3 Jan 2007 13:41:52 +0000 Subject: README.ssl moved to nanohttp-ssl.h --- README.ssl | 90 -------------------------------------------------------------- 1 file changed, 90 deletions(-) delete mode 100644 README.ssl (limited to 'README.ssl') diff --git a/README.ssl b/README.ssl deleted file mode 100644 index 3d462c7..0000000 --- a/README.ssl +++ /dev/null @@ -1,90 +0,0 @@ -$Id: README.ssl,v 1.3 2006/12/10 12:23:40 m0gg Exp $ -=============================================================================== - -How to use SSL with nanoHTTP/cSOAP - - 1. Simple key generation - 2. Generate a key with a certificate - 3. Generate a certification authority - 3.1 Create the directory structure - 3.2 Generate the CA key - 3.3 Sign a certification request - 4. Commandline arguments at startup - 5. Howto hide the password - 6. What else? - -1. Simple key generation - - $ openssl req -nodes -days 1825 -subj "/CN=`hostname`" -newkey rsa:1024 -keyout sslkey.pem -out sslreq.pem - -2. Generate a key with a certificate - -2.1. Create a key and a certification request as in 1. -2.2. Post the sslreq.pem to your favorite CA -2.3. Join your key with the certificate from yout CA - $ cat ssl.cert >> sslkey.pem - -3. Generate a certification authority - -3.1 Create the directory structure - - $ mkdir ca - $ echo '01' > $1 ca/serial - $ touch ca/index.txt - $ mkdir ca/crl - $ mkdir ca/newcerts - $ mkdir ca/private - $ chmod 700 ca/private - -3.2 Generate the CA key - - $ openssl req -x509 -nodes -days 1826 -subj "/CN=myCa" -newkey rsa:1024 -keyout ca/private/cakey.pem -out ca/cacert.pem - -3.3 Sign a certification request - - $ openssl ca -in sslreq.pem -out ssl.cert - -4. Commandline arguments at startup - --NHTTPS Enable https protocol in the nanoHTTP server - --NHTTPcert CERTfile A file containing a certificate chain from file. The - certificates must be in PEM format and must be sorted - starting with the subject's certificate (actual client - or server certificate), followed by intermediate CA - certificates if applicable, and ending at the highest - level (root) CA. - --NHTTPcertpass password The password to be used during decryption of the - certificate. - --NHTTPCA CAfile File pointing to a file of CA certificates in PEM - format. The file can contain several CA certificates - identified by - - -----BEGIN CERTIFICATE----- - ... (CA certificate in base64 encoding) ... - -----END CERTIFICATE----- - - sequences. Before, between, and after the certificates - text is allowed which can be used e.g. for descriptions - of the certificates. - -5. Howto hide the password - -You can use the following functions before calling httpd_init, httpc_init and -accordingly soap_server_init, soap_client_init. The are roughly the same then the -commandline versions. - - - hssl_enable(void) - - hssl_set_certificate(const char *CERTfile) - - hssl_set_certpass(const char *pass) - - hssl_set_ca(const char *CAfile) - -NOTE: If you use this functions an specify the commandline arguments, then the -commandline arguments take precedence. - -6. What else? - - - int hssl_enabled(void) - -- cgit v1.1-32-gdbae