Reputation: 1034
Plain socket vs SSL socket
What is the difference between a plain socket vs a ssl socket (with respect to openSSL)?
Can a client connect to port 443 (https) on the server on a plain socket and then initiate a ssl Handshake?
Upvotes: 1
Views: 5600
Answers (2)
Reputation: 597205
Yes. OpenSSL's classic (non-BIO) API is designed to support exactly that type of usage, allowing an SSL/TLS session be attached to an existing socket at any time. HTTPS is not a good example of this usage, since HTTPS requires handshaking immediately upon connecting. Think more like POP3 or SMTP, which support STARTTLS commands to dynamically initiate an SSL handshake after both parties have explicitally agreed to it over a plain connection first.
Upvotes: 2
Reputation: 18022
The only distinction between plain communication and SSL communication is the protocol. There's also nothing special about port 443, other than that it expects to communicate over the SSL protocol.
As a result, a client can definitely connect to port 443 using nothing special, and as long as they send the correct bytes (those which represent an SSL handshake), any server listening for SSL connections on port 443 will respond.
If by 'plain socket' and 'ssl socket' you mean something API specific, like a Java EncryptedSSLSocketConnection, then please clarify.
Upvotes: 2
Related Questions
- Connecting to external SSL TCP socket what does it really mean?
- What's the difference between WebSocket and plain socket communication?
- Are sockets using TCP like 80, 443 sad?
- Java SSL socket message transfer, Object or byte[]?
- SSL verses Encrypted Socket
- Server vs Client Socket (Low level details)?
- Best method for secure socket server implementation?
- Sockets and TCP Sockets
- Should Sockets be secured
- What is a socket library?