• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 904
  • Last Modified:

OpenSSL without certificate

I want to write a small client/server application which make use of OpenSSL for Data Crypting.

Is there any way to do this without certificates?

My case is that i cant share certificates... thats mean i need to connect and Handshake without a certificate. How Can i do this?

Regards woigl
0
woigl
Asked:
woigl
  • 4
  • 3
  • 2
3 Solutions
 
ahoffmannCommented:
> Is there any way to do this without certificates?
AFAIK no

> ..  that i cant share certificates..
why would you share certificates?
0
 
woiglAuthor Commented:
I want to write a server for configuration purpose and this server allow other clients to connect, but the clients dont have a private key...
0
 
woiglAuthor Commented:
Or is it better in this way to work with normal TCP Sockets and crypt the message before sending with MD5?
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
ahoffmannCommented:
> but the clients dont have a private key...
you don't need a private key for SSL/TLS (https)
0
 
TolomirAdministratorCommented:
Well normal / usual way would be to use SSL i.e. https

You could by a cheap SSLĂ– certificate or use openssl to create a private certificate and use it for data encryption:

See http://en.wikipedia.org/wiki/Secure_Sockets_Layer

and http://en.wikipedia.org/wiki/OpenSSL

Tolomir
0
 
woiglAuthor Commented:
but as far as i could find out, there is a possibility to receive to certificate from the peer...

Anyone know this?
0
 
TolomirAdministratorCommented:
Yes of cause.

With TLS you can use a certificate on the server side AND from the client side.

That way even the server can be "sure" to talk to the authorized person.

http://en.wikipedia.org/wiki/Transport_Layer_Security

SSL/TLS provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated; mutual authentication requires public key infrastructure (or PKI) deployment to clients. The protocols allow client/server applications to communicate in a way designed to prevent eavesdropping, tampering, and message forgery....

Tolomir
0
 
woiglAuthor Commented:
Thats mean my client dont need a certificate because it will receive it from the server side...

which certificate is good? x509

or is there any certificate which dont need a Country and State information?
0
 
TolomirAdministratorCommented:
Please check

The GNU Transport Layer Security Library
http://www.gnu.org/software/gnutls/manual/gnutls.html for further details.

It will explain most of your questions.

Tolomir
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now