Traditionally, there are 2 methods that immediately come to mind. One way is to have the SSL version of the server listen on a different port than the plain text version. Alternatively, your protocol could include a "STARTTLS" like command that indicates that the system wants to communicate securely. (See http://en.wikipedia.org/wiki/STARTTLS)
Patrick Watson, CISSP Software Engineer Data Security & Electronic Payment Systems NCR Retail 770.299.6713 | patrick.wat...@ncr.com | www.ncr.com -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Matthias Apitz Sent: Friday, November 15, 2013 5:20 AM To: openssl-users@openssl.org Subject: connecting to (openssl-) server in SSL or clear text Hello, We have application servers, written in C, which can be configured to do SSL or not. In any case they send out a goodmorning message, ciphered with SSL or in clear text if they run configured in clear text. What would be the best method for a C-written client to figure out if the server does or not does SSL after connecting the socket? Ofc the client could try any method and if it does not fit, drop the connection and do an new one. But I hope that there are better options. Thanks matthias -- Matthias Apitz | /"\ ASCII Ribbon Campaign: www.asciiribbon.org E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | X - No proprietary attachments phone: +49-170-4527211 | / \ - Respect for open standards ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
