1st chunk of `ssl.man`
SSL(7SSL)                           OpenSSL                           SSL(7SSL)

NAME
       ssl - OpenSSL SSL/TLS library

SYNOPSIS
       See the individual manual pages for details.

DESCRIPTION
       The OpenSSL ssl library implements several versions of the Secure
       Sockets Layer, Transport Layer Security, and Datagram Transport Layer
       Security protocols.  This page gives a brief overview of the extensive
       API and data types provided by the library.

       An SSL_CTX object is created as a framework to establish TLS/SSL enabled
       connections (see SSL_CTX_new(3)).  Various options regarding
       certificates, algorithms etc. can be set in this object.

       When a network connection has been created, it can be assigned to an SSL
       object. After the SSL object has been created using SSL_new(3),
       SSL_set_fd(3) or SSL_set_bio(3) can be used to associate the network
       connection with the object.

       The TLS/SSL handshake is then performed using SSL_accept(3) on the
       server side or SSL_connect(3) on the client side.  SSL_read_ex(3),
       SSL_read(3), SSL_write_ex(3) and SSL_write(3) are used to read and
       write data on the TLS/SSL connection.  SSL_shutdown(3) can be used to
       shut down the TLS/SSL connection.
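
       The object lifecycle described above, as an added example that is not
       part of the OpenSSL manual page.  It uses Python's ssl module, which is
       a binding to the OpenSSL library, so it runs without a build step; the
       comments name the corresponding C call, memory BIOs stand in for the
       network connection, and the host name demo.invalid is a constructed
       placeholder.

```python
import ssl


def start_client_handshake(server_name="demo.invalid"):
    """Drive a client SSL object up to its first flight; no network I/O."""
    # SSL_CTX_new(TLS_client_method()): one context, shared by connections.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Options are set on the context (SSL_CTX_set_min_proto_version).
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Trust anchors for peer verification; on Unix this is
    # SSL_CTX_set_default_verify_paths.
    ctx.load_default_certs()

    # Memory BIOs stand in for the socket (BIO_new(BIO_s_mem())).
    from_peer, to_peer = ssl.MemoryBIO(), ssl.MemoryBIO()
    # SSL_new() + SSL_set_bio() + SSL_set_connect_state().
    tls = ctx.wrap_bio(from_peer, to_peer, server_hostname=server_name)

    try:
        tls.do_handshake()            # SSL_connect() / SSL_do_handshake()
        state = "established"
    except ssl.SSLWantReadError:      # SSL_ERROR_WANT_READ: peer must answer
        state = "want_read"

    record = to_peer.read()           # bytes a real program would now send
    return {
        "state": state,
        "verify_required": ctx.verify_mode == ssl.CERT_REQUIRED,
        "check_hostname": ctx.check_hostname,
        "negotiated_version": tls.version(),     # None until handshake ends
        "content_type": record[0],               # 22 = handshake record
        "record_length": int.from_bytes(record[3:5], "big"),
        "handshake_type": record[5],             # 1 = ClientHello
        "bytes_queued": len(record),
    }


if __name__ == "__main__":
    for key, value in start_client_handshake().items():
        print(f"{key}: {value}")
```

       A real client sends the queued bytes, writes the peer's reply into the
       incoming BIO and calls do_handshake() again until it stops raising;
       read(), write() and unwrap() then correspond to SSL_read_ex(3),
       SSL_write_ex(3) and SSL_shutdown(3).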

DATA STRUCTURES
       Here are some of the main data structures in the library.

       SSL_METHOD (SSL Method)
           This is a dispatch structure describing the internal ssl library
           methods/functions which implement the various protocol versions
           (SSLv3, TLSv1, ...). It’s needed to create an SSL_CTX.

       SSL_CIPHER (SSL Cipher)
           This structure holds the algorithm information for a particular
           cipher. Ciphers are a core part of the SSL/TLS protocol. The
           available ciphers are configured on an SSL_CTX basis and the actual
           ones used are then part of the SSL_SESSION.

       SSL_CTX (SSL Context)
           This is the global context structure which is created by a server or
           client once per program life‐time and which

Title: OpenSSL SSL/TLS Library Overview
Summary
This document provides an overview of the OpenSSL SSL/TLS library, detailing its functionalities for implementing Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols. It describes the use of SSL_CTX objects for establishing TLS/SSL enabled connections, associating network connections with SSL objects, performing handshakes, reading and writing data, and shutting down connections. Key data structures such as SSL_METHOD, SSL_CIPHER, and SSL_CTX are also explained.