emSSL Sample Applications
emSSL is shipped with a small set of precompiled examples that demonstrate TLS capability:
- Browser — a minimal text-based web browser using HTTPS
- WebServer — a minimal web server using HTTPS
Browsing websites with emSSL
Open a command line window on Windows and navigate to the Browser directory that contains the Browser.exe application. Once there, run Browser.exe and you should see something similar to this:
C:> browser Connecting to www.segger.com... ...Redirecting to index.html Connecting to www.segger.com... * Home * RTOS and Middleware * J-Link Debug Probes * Production Programmers * Evaluate our software! * Downloads * Distributors * Customers * Partners * Pricing * Forum * About us ...
The browser opened a secure connection to the www.segger.com website on port 443 (the HTTPS port) and retrieved the HTML associated with the home page. It then processed the HTML markup to format the output nicely. The browser will work on any website that can support an HTTPS connection, but graphic-rich websites have a poor textual browsing experience.
Serving web pages with emSSL
Now open up a second command line window, navigate to the WebServer directory and run the WebServer.exe application. It is likely that you will see a dialog asking you to grant the web server application access to the network, which you should do. You should now see something like:
C:> webserver (c) 2014-2015 SEGGER Microcontroller GmbH & Co. KG www.segger.com emSSL Simple Secure Web Server V1.02 compiled May 13 2015 09:38:20 Awaiting connection...
The web server application is waiting for somebody to connect to it such that it can serve its small web page.
Now we will connect emSSL to emSSL over a TLS connection — we are going to browse the website served by the WebServer application by using the Browser application.
Back in the first window, type "browser 127.0.0.1:1234", the IP address of the local web server and the port it will serve on, and you will see:
C:> browser 127.0.0.1:1234 Connecting to 127.0.0.1... Welcome to SEGGER's emSSL Server! The agreed cipher suite is RSA-WITH-AES-256-GCM-SHA-384. Have a great day! :-) C:> _
Here you will see the web page served by the emSSL web server. And in the web server window you will see:
C:> webserver (c) 2014-2015 SEGGER Microcontroller GmbH & Co. KG www.segger.com emSSL Simple Secure Web Server V1.02 compiled May 13 2015 09:38:20 Awaiting connection... Connection made, attempting to upgrade to secure... Session is now secured by RSA-AES-256-GCM-WITH-SHA-384. Socket closed by server. Awaiting connection...
This shows that both sides of the TLS connection are working correctly and the cipher suite that was agreed between them, RSA-AES-256-GCM-WITH-SHA-384 in this case, is the same on both sides.
To prove that this is no accident, you can point a standard web browser, such as Firefox or Chrome, to the local web server. Open your web browser and enter the URL "https://127.0.0.1:1234/index.html" into the address bar. You should now be greeted by a notification from the browser that the certificate presented is invalid — and it is, according to the browser, because you are browsing your own PC using a self-signed certificate rather than a fully-authenticated certificate for a website on the Internet. Accept the certificate or click "Advanced" and "Proceed to 127.0.0.1" and you should be greeted with a short web page served by emSSL on your PC.
Internet Explorer has some difficulties with locally-hosted websites serving what it thinks are invalid certificates, so it is better to use Chrome or Firefox in this case.