What Parameters need to be given on command line when using open S_server utility

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

What Parameters need to be given on command line when using open S_server utility

This post has NOT been accepted by the mailing list yet.
Hi All,

I am trying to establish a secure communication between a embedded device(target board) and a server.
Currently I am using openssl s_server utility tool to simulate as the server.

From the third party SSL Library, I have taken example sample client.c and the SSL library integrated in our application code.  client.c example program
is a single file executes the complete SSL Setup, handshake, data write and read steps.

We have customized code into seperate small funtions such as setup, handshake, read, write & close so that we can call them in our application code based on some socket state machine.

There is one file which defines all the roots CA certificate, server certificates and client certificates.  
This is a common file in the library which is used so that if can be configured as server or client and based on that the root CA certificates are selected.
and based on the how whether we are going to run the server or client.

Also the library contains .crt, private .key files whcih can be used for test purposes and some them are same as mentioned in the file which defines all the certificates.

We are using as for client.

As our embedded device is a client, so from the library we get the root CA.

When we use the s_server utility and we need to give some parameters on the command line.

for example : s_server -accept 443 -cert ser.crt -CAfile test.crt -key ser.key

Here we dont want to use the default server.pem files provided by the openssl.  We want to use the server certificate and private key files provided by the ssl library.

Query is how should we give the parameters on the command line
1.  Do we need to also mention the root CA of the ssl library (which will be already loaded on the client side) when the code gets compiled and downloaded on to the target board

can any one please give some inputs and help on this.