19 SSL Unit: tcp^ via SSL

On this page:

19SSL Unit: tcp^ via SSL🔗 i

(require net/ssl-tcp-unit ) package: net-lib

The net/ssl-tcp-unit library provides a function for creating a tcp^ implementation with openssl functionality.

procedure
( make-ssl-tcp@ server-cert-file
server-key-file
server-root-cert-files
server-suggest-auth-file
client-cert-file
client-key-file
client-root-cert-files) → unit?
server-cert-file:(or/c path-string? #f)
server-key-file:(or/c path-string? #f)
server-root-cert-files:(or/c (listof path-string? )#f)
server-suggest-auth-file:path-string?
client-cert-file:(or/c path-string? #f)
client-key-file:(or/c path-string? #f)
client-root-cert-files:(listof path-string? )

Returns a unit that implements tcp^ using the SSL functions from openssl. The arguments to make-ssl-tcp@ control the certificates and keys uses by server and client connections:

server-cert-file — a PEM file for a server’s certificate; #f means no certificate (which is unlikely to work with any SSL client)
server-key-file — a private key PEM to go with server-cert-file; #f means no key (which is likely renders a certificate useless)
server-root-cert-files — a list of PEM files for trusted root certificates; #f disables verification of peer client certificates
server-suggest-auth-file — PEM file for root certificates to be suggested to peer clients that must supply certificates
client-cert-file — a PEM file for a client’s certificate; #f means no certificate (which is usually fine)
client-key-file — a private key PEM to go with client-cert-file; #f means no key (which is likely renders a certificate useless)
client-root-cert-files — a list of PEM files for trusted root certificates; #f disables verification of peer server certificates

top ← prev up next →