What does it take to convert an http server into an https server?
This question is similar to Starting to use OpenSSL but more specific and detailed so I think it's fair to ask.
Suppose I have an simple http server that does the following in a successful GET scenario
- creates a listening socket
- a client connects
- reads the data through recv
- parses the GET request, now it knows which resource to return
- wri开发者_运维问答tes the response through send
- close the socket
This server is written in c++ on linux.
My question is, What does it take to convert this server into an minimal https server? (in particular using OpenSSL, but answers in a general sense are welcome.)
Here's my understanding (question marks mean I'm have no idea)
- initialize the library
- read the server certificate and private key and other configurations
- create a normal listening socket(?)
- a client connects
- do the handshaking through a library function(?)
- handshaking done
- do I need a special step before I start receiving and sending data?
- read data through library function(?)
- does the data look exactly like an HTTP GET at this point?
- if it does, parse the GET and get the resource
- write return data through library function(?)
- close the connection through a library function(?)
In summary, I'm hoping that it only requires adding some extra steps to the current code and does not affect the HTTP parsing. Is this assumption correct?
Many thanks to anybody who could fill in the blanks.
Look through "Network Security with OpenSSL", as it covers this. Even if you don't have the book, you can look through the code.
精彩评论