[zeromq-dev] TLS (openssl) for ZeroMQ
林宝龙
lbl52001 at gmail.com
Mon Dec 24 23:02:19 CET 2018
Hi,
We are adding TLS support for ZeroMQ(based on 4.2.5). Product reason, we
choosed OpenSSL as TLS library.
Ask community for suggestions, which solution below is better?
1. Use TLS public certification, private key, etc as socket option (set
through setsockopt), ZeroMQ manages the OpenSSL context, one OpenSSL
context per socket_base_t object.
2. Use OpenSSL context as socket option(set through setsockopt), external
application should provide the OpenSSL context, with public certification,
private key, etc. set in context level, all ssl connections share the same
configuration as the input OpenSSL context.
At beginning we choosed the first solution, like curve, use public
certification, private key as the socket option. But later on, we found the
second solution that use external OpenSSL context can make the ZeroMQ code
simpler, and more flexible, external application can configure the OpenSSL
context without change the ZeroMQ socket options.
Welcome your comments.
Best regards,
Baolong
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20181224/7aa52948/attachment.htm>
More information about the zeromq-dev
mailing list