Products > Networking & Wireless

HTTP to HTTPS conversion device?

(1/5) > >>

AlbertL:
I have a programmable logic controller at a remote site that's pushing data to a server via HTTP at 5-second intervals, but I'd like to move to HTTPS.  The PLC has TLS capability so it can do HTTPS, but it doesn't have a specialized encryption processor so the handshake is very slow - in the range of 8-15 seconds to establish a connection.

So I'm wondering: does anyone make a fast, transparent converter that would accept HTTP messages from the PLC, forward them to the server via HTTPS, and pass the response back to the PLC as HTTP?  I think what I want is a "TLS termination proxy", but in a stand-alone hardware package.

madires:
RasPi + squid + script to rewrite the URL

pqass:
stunnel is available for various Linux, FreeBSD, others:
https://www.elastic.co/guide/en/cloud/current/ec-tunneling-ssl.html
https://blog.thesysadmins.co.uk/using-stunnel-to-encrypt-unsecure-connections.html
https://www.stunnel.org/
https://www.freebsd.org/cgi/ports.cgi?query=stunnel&stype=all

From the man page:  https://www.stunnel.org/static/stunnel.html
PLC connects to stunnel gateway, gateway calls HTTPS service. 
In the example below, in on 143 out to servername:993


--- Quote ---In order to let your local e-mail client connect to a TLS-enabled imapd service on another server, configure the e-mail client to connect to localhost on port 119143 and use:

    [imap]
    client = yes
    accept = 143
    connect = servername:993
--- End quote ---

AlbertL:

--- Quote from: madires on December 22, 2021, 06:30:45 pm ---RasPi + squid + script to rewrite the URL

--- End quote ---

Thanks - that's an interesting approach.  Do you have any feel for the speed of TLS in that environment?  As I mentioned, sending HTTPS message from my PLC takes about 8-15 seconds; that's to open the TCP connection, do the TLS handshaking and send < 1KB of data.  I'd want to get that under 5 seconds.     

madires:
Less than 5 seconds shouldn't be any problem.

Navigation

[0] Message Index

[#] Next page

There was an error while thanking
Thanking...
Go to full version