This question is similar to Starting to use OpenSSL but more specific and detailed, so I think it's fair to ask.
Suppose I have a simple HTTP server that does the following in a successful GET script
- creates a socket for listening
- client connects
- reads data through recv
- parses a GET request, now it knows which resource returns
- writes the answer through send
- close socket
This server is written in C ++ on linux.
My question is: what does it take to convert this server to a minimal https server? (in particular, using OpenSSL, but answers are generally welcome.)
Here's my understanding (question marks mean I have no idea)
- initialize library
- read server certificate and private key and other configurations
- create a regular listening socket (?)
- client connects
- perform confirmation of communication through the library function (?)
- handshaking
- Do I need a special step before I start receiving and sending data?
- reading data through a library function (?)
- Does the data really look exactly like an HTTP GET?
- if so, analyze the GET and get the resource
- write back data through a library function (?)
- close the connection through the library function (?)
In general, I hope that this only requires the addition of additional steps to the current code and does not affect HTTP parsing. Is this assumption correct?
Many thanks to everyone who could fill in the blanks.
source share