[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Adding SSL to things

At 06:11 AM 1/11/98 -0500, Ryan Lackey wrote:
>Does anyone know of a way I can take a web server, say AOLserver, which
>does not support useful SSL, and also does not distribute source, and
>retrofit a useful 128-bit SSL implementation to it?  It has a C API, but
>I haven't looked at the API enough to see if I could do it within the API.
>Are there any proxies which could be stuck between the insecure server
>and the user (preferably with an ssh link between the servers) which could
>provide SSL proxy service?  It seems like this should be trivial to do,
>but I haven't tried yet, and I want to have some reedeming value for this

Why not just get a server that _does_ have useful SSL support,
like Apache-SSL (for non-US freeware) or Stronghold (for US commercial use)?
There are workarounds out there for undersecure clients,
like SafePassage and some German Java applet, but that's the easy side.

Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639