skip to Main Content

Create SSL Torrent With OpenSSL

Prerequisite

You will need OpenSSL to create a free SSL certificate.

You can get the latest OpenSSL here.

If you prefer you can download a precompiled OpenSSL 1.1.0 from Koinonein here.

Creating a Certificate Authority and Certificates with OpenSSL

The CA is used in SSL to verify the authenticity of a given certificate. The CA acts as a trusted third party who has authenticated the user of the signed certificate as being who they say. The certificate is signed by the CA, and if the client trusts the CA, it will trust your certificate. For use within your organization, a private CA will probably serve your needs, your certificate is also used for encryption.

Creating a private CA

  • Go to the OpenSSL bin directory (/usr/local/ssl/misc).
  • There is a script called CA.sh.
  • su to root
    • Make sure that the OpenSSL bin directory is in your path.
  • ./CA.sh -newca
    • When prompted for CA filename hit return.
    • Answer the rest of the questions intelligently. The common name would be how this certificate might be referred to. For example, the Equifax Secure CA uses the common name of Equifax Secure Certificate Authority.

Creating certificates

  • ./CA.sh -newreq
    • This creates an unsigned certificate request.
    • The procedure is the same as creating a private CA except you’ll want to use the name of the host that will use the certificate as the common name (host.domain.com). If they don’t match, the client will not like it.
    • You probably don’t want to use the same passphrase for this as you did with the CA.
  • ./CA.sh -sign
    • It will ask for a PEM pass phrase, that’s the passphrase you set for the private CA you created.
    • This signs the certificate that you just created with the CA you created just moments before. You can generate multiple certificates. You’ll probably need to. For example, mail.foo.com and www.foo.com each need their own certificate.
  • The signed certificate is now in the current directory as newcert.pem. If you are going to create more, you should rename this or it will be overwritten be subsequent signatures.

Create SSL Torrent

Creating a SSL torrent is exactly the same as creating a standard torrent except you add the path to the private CA certificate you just created in the SSL Root PEM section.

Sharing SSL Torrent

When you add a SSL torrent to Koinonein you will be prompted for the following information:

You won’t be able to download the torrent’s content without the certificates and password you just created.

Once you enter the correct details Koinonein will download the torrent as it would any other torrent.

Benefits of SSL Torrents

  • End to end encryption
  • Stop, pause and resume transfers
  • Distribute large files privately over public networks without server infrastructure
  • Only password and certificate holders can access the data
  • Certificates revocable
Back To Top

Copyright 2017 Koinonein Ltd - All Rights Reserved

Koinonein On Facebook
Koinonein On Twitter
Koinonein On Google+
Koinonein RSS
Koinonein On Google+
Koinonein RSS