Operating System - OpenVMS

Re: Using SSL with sockets on VMS

 
Robert Gezelter
Honored Contributor

Re: Using SSL with sockets on VMS

David,

In a word, as has been noted, SSL (and most of the IP stack) do not work that way. As an example, consider HTTP (TCP port 80) and HTTPS (TCP port 443).

OpenVMS BASIC does have all of the abilities to generate the interfaces, albeit it can be cumbersome at times. The C interface conventions are no more conceptually difficult than calling OpenVMS system services from BASIC. However, as the bindings are not maintained for BASIC, it will be easier to maintain the C code.

- Bob Gezelter, http://www.rlgsc.com
David Froble
Occasional Advisor

Re: Using SSL with sockets on VMS

Richard

Thanks for the info. To be truthful, I know that I'm unfamiliar with the concepts, and may have some misconceptions. But it seems to me that none of the options are seamless. No real standards, unless you make some assumptions, such as "both sides will assume SSL V3" or something like that.

I'm not very familiar with IPsec, but from the small exposure, it also seems to need some up front set-up.

My environment is, possibly thousands of small businesses with a PC connecting, and placing orders, which will include credit card information. Thus security is required. However, it needs to be rather seamless, because doing up front set-up with all the small businesses would be very labor intensive, and would probably fail.

The application has pretty much cornered the small power equipment distribution vertical market, and for you VMS bigots, it's mainly a VMS based application, written mainly in DEC Basic, with a database developed originally on RSTS/E and used for many years.

So you have every little mom and pop shop out there that repairs lawn mowers and such placing orders, and most are not what you'd consider "computer literate".

What I "think" I need is the transparent manner that browsers and web servers use to negotiate secure connections, without the user knowing anything about the mechanics.

I don't know if this will work with IPsec. Will it?

---------------------

Robert

I have to believe that with VMS any language can use routines written in any other language supported by VMS. Though C does seem (to me) to be a bit less 'standard' than anything else.

Probably the major problem is that I don't know C, and frankly don't want to know C. If required data structures were defined in a manner that DEC documentation used to use, specifying VMS data types, I think I could figure things out. However, current documentation practices seem to be to publish some C code rather than generic examples.

I'm going to try to understand the SSL Structure in ssl.h, but fear that without some help, it's going to be a long and hard job. If I can define static data structures that appear to be required in any program using the SSL library, then I think I can get things working.

I'm working on getting a paper manual, as I don't do well with online documentation.
Robert Gezelter
Honored Contributor

Re: Using SSL with sockets on VMS

David,

What about using WASD or Apache to do the heavy lifting on the SSL connection? If the connection is done using HTTPS, then the web server will handle the SSL connections automagically.

The processing of the credit card information can then be done in a script called from the web server.

- Bob Gezelter, http://www.rlgsc.com
Richard J Maher
Trusted Contributor

Re: Using SSL with sockets on VMS

Hi David,

Look, the last thing anyone wants to do is frustrate the customer from buying your wares! If run-time discovery of customers is a business requirement for you, then IPsec is probably not the easiest fit. Why not stick to some http(s) server with bollocks script and cookies and quasi-session expiration, and hijacking, and so on...

Maybe you don't have any form of account information to be verified on the server side (password perhaps?). Maybe you don't bother matching the delivery address to the CC billing address - I don't know. HTTPS is probably best for you, or do look at "Stunnel" as a soft option (or *yes* use the HP supported OpenSSL routines in C).

On the other hand, if you were involved in a branch-office to head-office scenario, or your customers had to register an account with you before trading and you kept things like purchase/credit history and contact information, and security was important to you, then the one-off effort in configuring IPsec may not be too much of a hardship? You may even like to authenticate the client instead of just satisfying their server authentication. (Does it matter if you're talking to who you think you are?)

Cheers Richard Maher

PS. Unlike HP/VMS/UCX, Microsoft has supported IPsec for many years - it's not rocket science!