open-keychain/libraries/spongycastle/docs/tls/OpenSSLSetup.html

28 lines
1.0 KiB
HTML
Raw Normal View History

<html>
<body>
<h3>Instructions for setting up an OpenSSL server for use with DTLSClientTest</h3>
<ul>
<li>Download and Install OpenSSL (exercise for the reader)</li>
<li> Unpack to folder and add ${GNUTLS_HOME}/bin to PATH</li>
<li> Make a working folder somewhere and copy the <a href="../../src/test/resources/org/bouncycastle/crypto/tls/test/">x509-*.pem</a> from this link to there.</li>
<li>Go to working folder and start OpenSSL server:
<ul>
<li>TLS:
<pre>
openssl s_server -accept 5556 -debug -msg -state -tls1_1 -www -CAfile x509-ca.pem -cert x509-server.pem -key x509-server-key.pem
</pre></li>
<li>DTLS:
<pre>
openssl s_server -accept 5556 -mtu 1500 -debug -msg -state -dtls1 -CAfile x509-ca.pem -cert x509-server.pem -key x509-server-key.pem
</pre></li>
</ul>
</li>
</ul>
NOTE: This is mainly of use to test the handshake. There doesn't appear to be an 'echo server' option with DTLS, but it will print
to stdout anything you send it, and lines you type into stdin (at the server) will be sent to the client.
</body>
</html>