Handing over a tls server between processes

Mohammad Zolfaghari mohammad.zolfaghari at actian.com
Mon Aug 14 09:50:43 UTC 2023


We are going to use openssl library in our product. A Client/Server communication that should be encrypted but there are two processes on the server side. Having done the first process, the socket handle will be handed over to the second process and it is needed for both connections to be encrypted. So, we are thinking whether we can use the serialization/deserialization of the ssl_session between our processes, regarding the fact they are playing a server role in the TLS connection. We would like to find a way to avoid paying the cost of key agreement protocol multiple times while we are handing over the connection. It would be kind of you to let us have your thoughts.


Best regards | Viele Grüße



[cid:c229d4d2-579c-4393-ae2b-7875892173bf]

Mohammad Zolfaghari

Software Engineer

Actian, A Division of HCLSoftware

M +49 162 27 88 158
www.<https://www.actian.com/>actian.com<https://www.actian.com/>



[cid:dc70573a-d578-4af5-9193-fa6e93313ba7]<https://www.hcltechsw.com/data-analytics-insights>

GESELLSCHAFTSANGABEN: Actian Germany GmbH | Sitz der Gesellschaft: Halenreie 42, 22359 Hamburg | Geschäftsführung: Stephen Padgett, Marc Monahan | Handelsregister: Amtsgericht Hamburg | HRB 135991 | USt-IdNr: DE252449897

CONFIDENTIAL: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230814/d4f0e03e/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-jedlghrp.png
Type: image/png
Size: 6149 bytes
Desc: Outlook-jedlghrp.png
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230814/d4f0e03e/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-tg2u2lqv.png
Type: image/png
Size: 70639 bytes
Desc: Outlook-tg2u2lqv.png
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230814/d4f0e03e/attachment-0003.png>


More information about the openssl-users mailing list