mbed TLS Integrated

mbedtls

Embedthis products including the Appweb and GoAhead web servers have supported a variety of SSL stacks for secure connectivity including: OpenSSL, mbed TLS, MatrixSSL and NanoSSL. However, this has often required separately downloading and building the SSL software. For some SSL stacks, this can be a long and non-trivial exercise to build the SSL stack for your selected operating system.

SSL is increasingly becoming mandatory and not just an option. Securely authenticating users and controlling access to a management interface requires SSL. Further, the emerging HTTP/2 protocol will use SSL by default. Consequently, we have been searching for a simpler way to offer secure SSL connectivity out-of-the-box.

Problems with some SSL Stacks

There are several problems with some existing SSL stacks, especially OpenSSL.

mbed TLS Advantages

mbed TLS has been designed for embedded use. It is much smaller, simpler and better written. The code is thus easier to maintain and support. Here are some of its features:

Use in Embedthis Software

By integrating mbed TLS into Embedthis products, we gain a small, fast and secure SSL capability that is configured by default. We have integrating mbed TLS into the following products:

Still want to use OpenSSL or another SSL Stack?

If you don’t want to use mbed TLS, you can use the configure program to select an SSL stack of your choice when building Embedthis products. Just use:

./configure --with openssl

or

./configure --with openssl=/path/to/openssl

References

Comments

{{comment.name}} said ...

{{comment.message}}
{{comment.date}}

Make a Comment

Thank You!

Messages are moderated.

Your message will be posted shortly.

Sorry

Your message could not be processed at this time.

Error: {{error}}

Please retry later.

OK