A new release of WASP, now with SSL/TLS support
We’ve just released a new version of WASP, our pluggable application server platform. This release is built with release 6.5.2 of The Server Framework and includes support for secure TCP connections using SSL/TLS via our SChannel Option pack.
Setting up a secure TCP endpoint with WASP is easy, simply add the Secure configuration option to the <EndPoint> node like this:
<?xml version="1.0" encoding="Windows-1252"?>
<Configuration>
<WASP>
<TCP>
<Endpoints>
<EndPoint
Name="Echo Server"
Port="5050"
HandlerDLL="[CONFIG]\EchoServer.dll"
Secure="true">
</EndPoint>
</Endpoints>
</TCP>
</WASP>
</Configuration>
This tells WASP to secure the endpoint using a default certificate called “Wasp” that is located in the “MY” certificate store. You can add a self signed test certificate using the standard Microsoft “make cert” utility, makecert.exe and a simple script which creates and installs the correct type of certificate can be downloaded from here.
if you do not want to use a certificate called “Wasp” in the “MY” certificate store then you can configure the certificate used by adding the StoreName, CertificateName and UseMachineStore config values.
<?xml version="1.0" encoding="Windows-1252"?>
<Configuration>
<WASP>
<TCP>
<Endpoints>
<EndPoint
Name="Echo Server"
Port="5050"
HandlerDLL="[CONFIG]\EchoServer.dll"
Secure="true"
StoreName="OurSpecialStore"
CertificateName="OurCertificate"
UseMachineStore="true">
</EndPoint>
</Endpoints>
</TCP>
</WASP>
</Configuration>
Testing your new secure endpoint can be done using either our OpenSSL server test or our SChannel server test. These are example clients that ship with The Server Framework and that allow you to create thousands of concurrent connections and control how they send data to a server. This is an easy way to build a test system for your server as all of the complexity of managing and controlling the connections is done for you and you simply have to adjust the messages that are generated and how the response validation is done. The default message that is built is an network byte order integer length prefixed message and so this program can be used to stress test WASP with either of the first two example plugins that were discussed in the tutorial.
You can download the SChannelEchoServerTest program from here. See our for details of how to run this tool.