1 The OpenSSL Guide Demos 2 ======================= 3 4 The demos in this directory are the complete source code for the applications 5 developed in the OpenSSL Guide tutorials. Refer to the various tutorial pages in 6 the [guide] for an extensive discussion on the demos available here. 7 8 They must be built before they can be run. An example UNIX style Makefile is 9 supplied. Just type "make" from this directory on a Linux/UNIX system. 10 11 Running the TLS Demos 12 --------------------- 13 14 To run the demos when linked with a shared library (default) ensure that 15 libcrypto and libssl are on the library path. For example, assuming you have 16 already built OpenSSL from this source and in the default location then to run 17 the tls-client-block demo do this: 18 19 LD_LIBRARY_PATH=../.. ./tls-client-block hostname port 20 21 In the above replace "hostname" and "port" with the hostname and the port number 22 of the server you are connecting to. 23 24 The above assumes that your default trusted certificate store containing trusted 25 CA certificates has been properly setup and configured as described on the 26 [TLS Introduction] page. 27 28 You can run a test server to try out these demos using the "openssl s_server" 29 command line utility and using the test server certificate and key provided in 30 this directory. For example: 31 32 LD_LIBRARY_PATH=../.. ../../apps/openssl s_server -www -accept localhost:4443 -cert servercert.pem -key serverkey.pem 33 34 The test server certificate in this directory will use a CA that will not be in 35 your default trusted certificate store. The CA certificate to use is also 36 available in this directory. To use it you can override the default trusted 37 certificate store like this: 38 39 SSL_CERT_FILE=rootcert.pem LD_LIBRARY_PATH=../.. ./tls-client-block localhost 4443 40 41 If the above command is successful it will connect to the test "s_server" and 42 send a simple HTTP request to it. The server will respond with a page of 43 information giving details about the TLS connection that was used. 44 45 Note that the test server certificate used here is only suitable for use on 46 "localhost". 47 48 The tls-client-non-block demo can be run in exactly the same way. Just replace 49 "tls-client-block" in the above example commands with "tls-client-non-block". 50 51 Running the QUIC Demos 52 ---------------------- 53 54 The QUIC demos can be run in a very similar way to the TLS demos. 55 56 While in the demos directory the QUIC server can be run like this: 57 58 LD_LIBRARY_PATH=../.. ./quic-server-block 4443 ./chain.pem ./pkey.pem 59 60 The QUIC demos can then be run in the same was as the TLS demos. For example 61 to run the quic-client-block demo: 62 63 SSL_CERT_FILE=chain.pem LD_LIBRARY_PATH=../.. ./quic-client-block localhost 4443 64 65 Notes on the quic-hq-interop demo 66 --------------------------------- 67 68 The quic-hq-interop demo is effectively the same as the quic-client-nonblock 69 demo, but is specifically constructed to use the hq-interop alpn for the 70 purposes of interacting with other demonstration containers found in the 71 QUIC working group [interop runner](https://github.com/quic-interop/quic-interop-runner) 72 It is run as follows: 73 74 SSL_CERT_FILE=ca.pem LD_LIBRARY_PATH=../../ ./quic-hq-interop host port file 75 76 The demo will then do the following: 77 78 1. Connect to the server at host/port 79 2. Negotiates the hq-interop alpn 80 3. Issues an HTTP 1.0 GET request of the form "GET /$FILE" 81 3. Reads any response from the server and write it verbatim to stdout 82 83 This demo can be used for any hq-interop negotiating server, but its use can 84 most easily be seen in action in our quic interop container, buildable from 85 ./test/quic_interop_openssl in this source tree. 86 87 <!-- Links --> 88 89 [guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html 90 [TLS Introduction]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-tls-introduction.html 91
Indexes created Tue May 05 00:25:04 UTC 2026