How to implement HTTPS


Claudio Junior

Jul 17, 2012, 1:02:42 PM
to mongoos...@googlegroups.com
Hi, I am using mongoose as a library on my C++ application and I would like to implement HTTPS for the communication between my Mongoose server application and my libcurl client application.

Can someone point out any example of implementation?

Ger Hobbelt

Jul 17, 2012, 1:50:30 PM
to mongoos...@googlegroups.com
mongoose supports HTTPS out of the box; see mongoose.c. What you need to provide is a server cert and you're good to go.
Note that mongoose checks at run time (delayed loading) whether the SSL libraries are available (by dynamically resolving the various OpenSSL API calls it uses; see near top of mongoose.c); this may be different from what you expected.

The regular mongoose web server itself has HTTPS capability out of the box, that way. (main.c mongoose application)

Met vriendelijke groeten / Best regards,

Ger Hobbelt

--------------------------------------------------
web:    http://www.hobbelt.com/
        http://www.hebbut.net/
mail:   g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------




Claudio Junior

Jul 20, 2012, 2:16:13 PM
to mongoos...@googlegroups.com
Thank you, Mr Hobbelt. I appreciate your reply. However, my doubt is which routines I should use for this. I mean, I have an incoming connection with a pem certificate.
  • Will this come as MG_INIT_SSL?
  • If I have to handle it by myself, regardless of the means I use, what kind of interaction do I have to make with mongoose in this regard? (I am not talking about OpenSSL)
  • After MG_INIT_SSL, will I always receive validated and secured information from MG_NEW_REQUEST?

Thank you, and I would appreciate a reply from anyone.

Ger Hobbelt

Jul 20, 2012, 7:28:45 PM
to mongoos...@googlegroups.com
The entire SSL part of HTTPS is handled in mongoose 'under the hood', i.e. internally.
To make it happen, you need to instruct mongoose, via the configuration, to listen to an SSL-enabled port, e.g. "443s" (note the 's'! You can also have HTTPS on any other port, just append 's' and you're good to go)

For SSL-enabled connections, the connection->use_ssl flag will be set.

(Side note; don't know if this is relevant but still here as a reminder: you cannot have multiple protocols on a single listening port. So offering both plaintext and encrypted communication modes would require mongoose to listen to 2 ports, e.g. "8081, 8082s" where '8082' would then be the port to connect to via HTTPS, e.g. request URL in browser: "https://my.mongoose.domain:8082/path" vs. "http://my.mongoose.domain:8081/path")


MG_INIT_SSL can be used to add your own certificates via the API during the event callback; any HTTPS connection will be fully established before it will reach MG_NEW_REQUEST as for that event to fire, mongoose must already have fetched the complete HTTP(!) request header from the connection, hence a significant bit of SSL-based traffic will already have happened by then. SSL comm failures will trigger an error code in mg_read/mg_write, like any other I/O failure.


Met vriendelijke groeten / Best regards,

Ger Hobbelt

--------------------------------------------------
web:    http://www.hobbelt.com/
        http://www.hebbut.net/
mail:   g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
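
The listening-port convention from the reply above ("8081, 8082s"), as an added example that is not part of the original post and is not mongoose's own parser: a small C check that parses such a string and counts the listeners that would still accept plaintext HTTP. It assumes only the `port` and `port` + `s` forms shown in the thread; the struct and function names are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_PORTS 16

struct listener { int port; int is_ssl; };

/* Parse a spec such as "8081, 8082s". Returns the number of listeners, or -1
 * on malformed input, an out-of-range or repeated port, or too many entries. */
int parse_ports(const char *spec, struct listener *out, int max)
{
    int n = 0;
    const char *p = spec;
    for (;;) {
        char *end;
        long port;
        while (isspace((unsigned char)*p)) p++;
        if (!isdigit((unsigned char)*p)) return -1;
        port = strtol(p, &end, 10);
        if (port < 1 || port > 65535 || n == max) return -1;
        for (int i = 0; i < n; i++)      /* one protocol per listening port */
            if (out[i].port == (int)port) return -1;
        out[n].port = (int)port;
        out[n].is_ssl = (*end == 's');   /* trailing 's' marks an SSL port */
        if (*end == 's') end++;
        n++;
        p = end;
        while (isspace((unsigned char)*p)) p++;
        if (*p == '\0') return n;
        if (*p != ',') return -1;
        p++;
    }
}

/* Count listeners that would accept plaintext HTTP; -1 if the spec is invalid. */
int plaintext_count(const char *spec)
{
    struct listener l[MAX_PORTS];
    int n = parse_ports(spec, l, MAX_PORTS), c = 0;
    if (n < 0) return -1;
    for (int i = 0; i < n; i++) if (!l[i].is_ssl) c++;
    return c;
}

int main(void) {
    const char *specs[] = { "8081, 8082s", "443s", "8082, 8082s" }; /* constructed samples */
    for (int i = 0; i < 3; i++)
        printf("%-12s -> plaintext listeners: %d\n", specs[i], plaintext_count(specs[i]));
    return 0;
}
```

A deployment that must be HTTPS-only can refuse to start unless `plaintext_count()` returns 0 for its configured port string.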


