I have been tasked with a project that involves writing a process (not a CGI invoked from Apache) that sends a secure request to an https website and reads the response back, parses it... blah, blah, blah. It has to be done this way because this certain third party doesn’t have a Linux/C/C++ API available. I have started to write an OpenSSL client, but, as I said, I am very new to it and would appreciate an overview of what I need to do. Here is what I know:

  1. Initialize the SSL library (SSL_library_init()…SSL_CTX_new(SSLv23_client_method())…SSL_new(), etc.)
  2. Set up/connect an underlying BIO (in this case, a TCP socket)
  3. “Bind” the BIO connection (a socket descriptor) to the SSL object (SSL_set_fd())
  4. SSL_write(), SSL_read(), etc.

Here is what I don’t know:

  1. How to properly use SSL_connect(), i.e., what do I need in the way of certificates and public/private keys? How does the handshake take place? Do I need to verify their certificate once the connect is completed? Etc…
  2. If I’m going to *their* secure site, aren’t *they* the ones who need to provide the secure certificate?
  3. I’m using non-blocking sockets. Is there any special treatment I need to give the SSL_write/read ops?

I’m going out to buy a book now, but I’m sure there will be other questions from me. Thanks for any help!

-kevin