EXAMPLE FOR OPENSSL CONNECTION USING SOCAT

Hosts: a server and a client

1) Generate self signed server certificate

// generate a private key:
$ openssl genrsa -out server.key 2048
// generate a self signed cert:
$ openssl req -new -key server.key -x509 -days 3653 -out server.crt
//   enter fields... (may all be empty when cert is only used privately)
// generate the pem file:
$ cat server.key server.crt >server.pem
// secure permissions:
$ chmod 600 server.key server.pem
// copy server.pem to the server host using a secure channel (floppy, scp...)
//   and keep tight permissions
// remove all other instances of server.key and server.pem
// copy server.crt to the client host

2) Generate self signed client certificate

// like server certificate, but use names client.*
// copy client.pem to the client host using a secure channel (floppy, scp...)
//   and keep tight permissions
// remove all other instances of client.key and client.pem
// copy client.crt to the server host

3) Start socat based SSL server

// on server host:
$ socat ssl-l:1443,reuseaddr,fork,cert=server.pem,cafile=client.crt,verify=1 exec:'uptime'

4) Invoke socat based SSL client

// on client host:
$ socat - ssl:server-host:1443,cert=client.pem,cafile=server.crt
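
The check below is an added example, not part of the original socat text: a pre-flight audit of the files from steps 1 and 2 that confirms the cert= file holds key plus certificate with owner-only permissions and that the cafile= file from the peer holds a certificate and no private key. The function names are hypothetical and the sample files are constructed marker lines, not real key material.

```shell
#!/bin/sh
# Added example (not from the socat docs): audit the files from steps 1 and 2
# before starting socat. All function names here are hypothetical.

has_private_key() { grep -Eq -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' -- "$1"; }
has_certificate() { grep -q -e '-----BEGIN CERTIFICATE-----' -- "$1"; }

# True when group and other have no permission bits (e.g. mode 600 or 400).
owner_only() { [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]; }

# audit_socat_tls LOCAL_PEM PEER_CRT
#   LOCAL_PEM: file given to cert=   (own key + certificate, kept private)
#   PEER_CRT:  file given to cafile= (the other host's certificate only)
# Returns 0 if all checks pass, 1 on any finding, 2 if a file is unreadable.
audit_socat_tls() {
    pem=$1; peer=$2; rc=0
    for f in "$pem" "$peer"; do
        [ -r "$f" ] || { echo "MISSING: $f"; return 2; }
    done
    has_private_key "$pem"  || { echo "FAIL: $pem: no private key for cert="; rc=1; }
    has_certificate "$pem"  || { echo "FAIL: $pem: no certificate for cert="; rc=1; }
    owner_only "$pem"       || { echo "FAIL: $pem: group/other access, chmod 600"; rc=1; }
    has_certificate "$peer" || { echo "FAIL: $peer: no certificate for cafile="; rc=1; }
    if has_private_key "$peer"; then
        echo "FAIL: $peer: holds a private key; ship only the .crt to the peer"
        rc=1
    fi
    [ "$rc" -ne 0 ] || echo "OK: $pem and $peer"
    return "$rc"
}

# Constructed sample (marker lines only, no real key material): the server
# host wrongly received a copy of a .pem file in place of client.crt.
demo_wrong_file_shipped() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' '-----BEGIN CERTIFICATE-----' \
        > "$d/server.pem"
    cp "$d/server.pem" "$d/client.crt"
    chmod 600 "$d/server.pem"
    drc=0; audit_socat_tls "$d/server.pem" "$d/client.crt" || drc=$?
    rm -rf "$d"
    return "$drc"
}

# On the server host: sh audit.sh server.pem client.crt
if [ "$#" -eq 2 ]; then audit_socat_tls "$1" "$2"; fi
```

On the client host the arguments are client.pem and server.crt.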