 |
| Register | FAQ | Members List | Calendar | Links | Search | Today's Posts | Mark Forums Read |
|
||||||||
|
|
#1
02-14-2008, 07:43 PM
|
HTTPS question
Hello all,
Hope this isn't a total newbie question... I'm writing an extension to an existing client / server suite that currently uses UDP for all of its communication. We are having some problems with clients that are behind firewalls that only allow HTTP and HTTPS, so I've created a system where the necessary communications all take place in the form of GET and PUT HTTP calls. This makes the proxy think that the client is simply browsing the web when they are not. Yeah, lame, but it works for HTTP. I need to implement a version that uses HTTPS as well. I've got all my certificates ready and it works between the client and the server if there is no proxy, but the question I'm having trouble answering is how do you implement HTTPS from the TCP / SSL level? Do you send an unencrypted HTTP header and then pop over to SSL immediately afterwards? When do you do the SSL handshaking? Before or after you send the header? What is the best information resource for this? Thanks in advance! -- Rich Fife -- Rich Fife 
|
|
#2
02-14-2008, 09:35 PM
|
|||
|
|||
|
Re: HTTPS question
On Feb 14, 11:43 am, Rich Fife <rf...@amug.org> wrote:
> Do you send an unencrypted HTTP header and then pop over to SSL > immediately afterwards? When do you do the SSL handshaking? Before > or after you send the header? What is the best information resource > for this? HTTPS is simply HTTP over SSL. You do not send anything unencrypted. DS
|
|
#3
02-21-2008, 12:20 AM
|
|||
|
|||
|
Re: HTTPS question
>>>>> "Rich" == Rich Fife <(E-Mail Removed)> writes:
Rich> but the question I'm having trouble answering is how do you Rich> implement HTTPS from the TCP / SSL level? If you're asking this question, then I think you still haven't understood what HTTPS is. Do you know the difference between HTTP and HTTPS? If you do, you shouldn't be asking this question. Rich> Do you send an unencrypted HTTP header and then pop over to Rich> SSL immediately afterwards? Yes and No. Check the specs and look for the CONNECT request for HTTP proxies. Rich> When do you do the SSL handshaking? After CONNECT. Rich> Before or after you send the header? Both... depending on what headers you're talking about. Rich> What is the best information resource for this? The specs for HTTP proxies. -- Lee Sau Dan §õ¦u´° ~{@nJX6X~} E-mail: (E-Mail Removed) Home page: http://www.informatik.uni-freiburg.de/~danlee
|
 |
| Tags |
| https, question |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
