Difference between revisions of "DTLS"
(→DTLS Implementation Notes) |
(+s) |
||
| Line 3: | Line 3: | ||
== DTLS Support in Net-SNMP == | == DTLS Support in Net-SNMP == | ||
=== Release 5.6: RFC 5953 Full support === | === Release 5.6: RFC 5953 Full support === | ||
| − | Net-SNMP 5.6 and above | + | Net-SNMP 5.6 and above contains full support for [[SNMP]] over TLS and DTLS ([[rfc:5953|RFC5953]]). |
This support is not enabled by default in release 5.6. The configure arguments needed to | This support is not enabled by default in release 5.6. The configure arguments needed to | ||
enable support are [[Using_DTLS#Compiling_Net-SNMP_with_TLS_and_DTLS_Support|here]]. | enable support are [[Using_DTLS#Compiling_Net-SNMP_with_TLS_and_DTLS_Support|here]]. | ||
| Line 12: | Line 12: | ||
interoperate with the code in release 5.6 | interoperate with the code in release 5.6 | ||
| − | == | + | == Experimenting with DTLS == |
| − | The Net-SNMP test server is publicly available for testing. Once you have | + | The Net-SNMP test server is publicly available for SNMP testing. Once you have |
Net-SNMP release 5.6 or later installed, you can download and install the certificates | Net-SNMP release 5.6 or later installed, you can download and install the certificates | ||
needed to test secure DTLS communications to the test server. The tutorial can be | needed to test secure DTLS communications to the test server. The tutorial can be | ||
| Line 25: | Line 25: | ||
If you are developing your own DTLS implementation, we have some notes about some | If you are developing your own DTLS implementation, we have some notes about some | ||
issues we ran into with using OpenSSL for supporting SNMP over DTLS within Net-SNMP. | issues we ran into with using OpenSSL for supporting SNMP over DTLS within Net-SNMP. | ||
| − | They can be found on the [[DTLS Implementation Notes | + | They can be found on the [[DTLS Implementation Notes]] page. |
| − | + | ||
Latest revision as of 13:46, 15 September 2010
DTLS stands for "Datagram Transport Layer Security" and is a method of sending TLS packets over datagram based protocols like UDP and SCTP. It is defined in RFC4357. It uses X.509 certificates for authenticating both sides of the connection.
Contents
DTLS Support in Net-SNMP
Release 5.6: RFC 5953 Full support
Net-SNMP 5.6 and above contains full support for SNMP over TLS and DTLS (RFC5953). This support is not enabled by default in release 5.6. The configure arguments needed to enable support are here.
Release 5.5: Experimental support
Net-SNMP 5.5 had experimental code added while the RFC was being drafted. The final RFC has some differences that are incompatible with the experimental code in release 5.5, so 5.5 code will not interoperate with the code in release 5.6
Experimenting with DTLS
The Net-SNMP test server is publicly available for SNMP testing. Once you have Net-SNMP release 5.6 or later installed, you can download and install the certificates needed to test secure DTLS communications to the test server. The tutorial can be found at Using TLS.
Configuring DTLS
If you would like to set up certificates for your Net-SNMP agent(s), instructions can be found on the Using DTLS page.
DTLS Implementation Notes
If you are developing your own DTLS implementation, we have some notes about some issues we ran into with using OpenSSL for supporting SNMP over DTLS within Net-SNMP. They can be found on the DTLS Implementation Notes page.
