Establishing a TLS client connection programmatically
We are going to develop a small tls-client program that will connect to an HTTPS server via TLS, make an HTTP request, and read the response from the server.
To do so, we will use the OpenSSL BIO API and SSL API. The BIO API will help us to make a TLS connection, send and receive data over the connection, and properly shut it down. The SSL API will help us to set up server certificate verification, detect whether the connection is still alive, and distinguish error types on the connection. As mentioned earlier, for historical reasons OpenSSL still uses SSL rather than TLS in the names of objects and functions that work with TLS.
More information about the SSL API can be found on the OpenSSL man pages. Here are some relevant pages:
$ man ssl
$ man SSL_CTX_new
$ man SSL_CTX_free
$ man SSL_CTX_load_verify_locations
$ man SSL_CTX_use_certificate_chain_file
$ man SSL_CTX_set_verify
$ man SSL_new
$ man...