From bafcfe517b23f2683745ce6ee4679e28d086276a Mon Sep 17 00:00:00 2001
From: bel <bel2125@gmail.com>
Date: Sat, 14 Dec 2013 22:28:57 +0100
Subject: [PATCH] Document how to use OpenSSL for Windows and Linux

---
 docs/OpenSSL.md | 80 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 docs/OpenSSL.md

diff --git a/docs/OpenSSL.md b/docs/OpenSSL.md
new file mode 100644
index 00000000..883c614c
--- /dev/null
+++ b/docs/OpenSSL.md
@@ -0,0 +1,80 @@
+Adding OpenSSL Support
+=====
+
+Civetweb supports *HTTPS* connections using the OpenSSL transport layer 
+security (TLS) library. OpenSSL is a free, open source library (see
+http://www.openssl.org/).
+
+
+Getting Started
+----
+
+- Install OpenSSL on your system. There are OpenSSL install packages for all
+  major Linux distributions as well as a setup for Windows.
+- The default build configuration of the civetweb web server will load the
+  required OpenSSL libraries, if a HTTPS certificate has been configured.
+  
+
+Civetweb Configuration
+----
+  
+The configuration file should contain an https port, e.g.
+  listening_ports 80, 443s
+to server http and https from their standard ports, or  
+  listening_ports 443s
+to serve only https.
+
+Furthermore the SSL certificate file must be set, e.g.
+  ssl_certificate d:\civetweb\certificate\server.pem
+
+  
+Creating a self signed certificate
+----
+
+OpenSSL provides a command line interface, that can be used to create the 
+certificate file required by civetweb (server.pem). 
+
+One can use the following steps in Windows (in Linux replace "copy" by "cp"
+and "type" by "cat"):
+
+  openssl genrsa -des3 -out server.key 1024
+  openssl req -new -key server.key -out server.csr
+  copy server.key server.key.orig
+  openssl rsa -in server.key.orig -out server.key
+  openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
+  copy server.crt server.pem
+  type server.key >> server.pem
+
+
+The server.pem should look like this (x represents BASE64 encoded data):
+
+-----BEGIN CERTIFICATE-----
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxx
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+-----END RSA PRIVATE KEY-----