- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: Using SSL with sockets on VMS
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2008 01:10 PM
тАО04-23-2008 01:10 PM
Using SSL with sockets on VMS
My new task is to enable the use of SSL with select socket communications.
My plan is to determine the requirement for a secure connection when a listener gets a connection request, then open a communications socket using the requested protocols, if that particular protocol is allowed. (Whether my plan is viable, I have yet to discover.)
My problem is finding any documentation on the use of SSL with sockets.
I have looked at the latest copy of "HP TCP/IP Services for OpenVMS Sockets API and System Services Programming" on the documentation site, and cannot find any reference to SSL.
If someone could direct me to appropriate documentation, it would be appreciated. (My web search skills are very poor, and, I do not have a high speed connection.)
If someone could also provide some helpful information on set-up of SSL on VMS V8.3, things needed to be done, and such, that also would be appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2008 01:18 PM
тАО04-23-2008 01:18 PM
Re: Using SSL with sockets on VMS
O'Reilly publishes a good book on using OpenSSL: Network Security with OpenSSL. http://www.amazon.com/Network-Security-OpenSSL-John-Viega/dp/059600270X/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1208985385&sr=8-1
You may have to write your own BIO routines if you exchange some I/O before deciding that the connection should be encrypted.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2008 04:32 PM
тАО04-23-2008 04:32 PM
Re: Using SSL with sockets on VMS
believe that (my) wget for VMS has some (and
may even work). I haven't really looked at
it, but it seems to be there, and I believe
that I did a couple of "https://" tests (long
ago).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2008 05:39 PM
тАО04-23-2008 05:39 PM
Re: Using SSL with sockets on VMS
But my questions are a bit more basic (sic) than how to use the SSL routines.
Does an application actually have to call the various SSL routines to encrypt and decrypt? I was sort of hoping that SSL was used by TCP/IP, such that I'd set a flag on a socket, and TCP/IP would transparently do the SSL stuff. So the question is, am I dreaming of a capability that does not exist ?
My applications are written in DEC Basic. I'd sort of hoped that I would not have to re-create the C header files definitions in Basic, nor work out how to call the SSL routines from a language other than C.
Sort of gets back to my original question. Does HP have and documentation specific to using SSL in VMS ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-24-2008 02:15 AM
тАО04-24-2008 02:15 AM
Re: Using SSL with sockets on VMS
http://h71000.www7.hp.com/doc/83FINAL/BA554_90007/index.html
"I was sort of hoping that SSL was used by TCP/IP, such that I'd set a flag on a socket, and TCP/IP would transparently do the SSL stuff. So the question is, am I dreaming of a capability that does not exist ? "
That would be closer to IPsec, rather than SSL.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-24-2008 02:22 AM
тАО04-24-2008 02:22 AM
Re: Using SSL with sockets on VMS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-24-2008 08:57 AM
тАО04-24-2008 08:57 AM
Re: Using SSL with sockets on VMS
It's becoming apparent to me that this is not going to be a "plug in SSL and use it" thing. Would somebody pass the bottle of aspirin please.
Some more questions:
When an incoming connection request, from a client wishing a secure connection, it seems to me that that connection request itself cannot be secure, since the SSL handshake has not yet occurred. What is there in a connection request that asks for a secure connection ?
Or should the listener be handling this logic ?
Is there any information, anywhere, of using SSL on VMS from any language other than C ?
Data structure definitions ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-24-2008 11:53 AM
тАО04-24-2008 11:53 AM
Re: Using SSL with sockets on VMS
(Open)SSL comes to us from the Unix world, where C is the primary language. You may end up having to create a couple of C modules that handle the interface between your program and SSL. This could also help keep the overall code easier to read as it would hide most of the mechanics of SSL.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-24-2008 12:34 PM
тАО04-24-2008 12:34 PM
Re: Using SSL with sockets on VMS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2008 03:16 PM
тАО05-03-2008 03:16 PM
Re: Using SSL with sockets on VMS
I see no one has yet mentioned "Stunnel" (versions of which are available for VMS). Basically it sit's on port X and does the SSL and then redirects the messages to your non-SSL port Y. DoS attacks being a bit problematic :-( It also doesn't support OOB data but I'm sure I've seen and SSL RFC somewhere that says OOB data is included in the standard?
You may also wish to look at Process Software's IPsec which has been available for some years now. As long as you have fixed IP addresses then I don't see a problem with it. UCX has also been promising to come out with a version of IPsec for as long as I can remember but to-date have only come out with a "Early Adopters Kit" whose very name has left the more cautious in the user-base a tad unwilling to embrace it.
IPsec is the future! (As soon as the usual System/Network management inertia is overcome :-)
No more SFTP/FTPs, SSH, 80/443. . .
Cheers Richard Maher