Use a self-signed certificate for peers (RIPD-108):

Generate a new RSA key pair and a self-signed X.509v3 certificate to use
with SSL connections to rippled peers.  New credentials are created on each
startup.
Josh Juran
2014-10-14 03:55:10 -07:00
committed by Vinnie Falco
parent 93d4b73b2f
commit edc15b9fa2


@@ -352,6 +352,19 @@ void RippleSSLContextImp::initAnonymous (
cipherList.c_str ());
if (result != 1)
throw std::invalid_argument("SSL_CTX_set_cipher_list failed");
using namespace openssl;
evp_pkey_ptr pkey = evp_pkey_new();
evp_pkey_assign_rsa (pkey.get(), rsa_generate_key (2048));
x509_ptr cert = x509_new();
x509_set_pubkey (cert.get(), pkey.get());
x509_sign (cert.get(), pkey.get());
SSL_CTX* const ctx = context.native_handle();
ssl_ctx_use_certificate (ctx, cert);
ssl_ctx_use_privatekey (ctx, pkey);
}
void RippleSSLContextImp::initAnonymous (std::string const& cipherList)
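Review bot: The new credential block in `initAnonymous` has no comment stating what the certificate does and does not prove, and a reader could take the TLS layer as authenticating the peer. The key and certificate are regenerated on every startup and signed with their own key, so a remote peer has nothing stable to pin or chain to. I would add above `using namespace openssl;` something like `// Ephemeral self-signed credentials: they only enable certificate-based cipher suites; peer identity must be verified above the TLS layer.` The hunk shows only `x509_set_pubkey` and `x509_sign` on the certificate, so whether `x509_new` fills in the serial number, validity period and subject/issuer lives in helpers outside this hunk and is worth confirming, as is who owns the RSA key if `evp_pkey_assign_rsa` fails. The function body starts before the hunk.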