Virtual Private Network created using the Java Cryptography Architecture and the OpenSSL library.
Virtual Private Network software built with Java using OpenSSL.
To start the VPN, run the ForwardServer class with the following program arguments:
--handshakeport=2206 --usercert=certs/server.pem --cacert=certs/CA.pem --key=certs/serverprivatekey.pem
These are program arguments for the client:
--handshakehost=localhost --handshakeport=2206 --targethost=localhost --targetport=1337 --usercert=certs/client.pem --cacert=certs/CA.pem --key=certs/clientprivatekey.der
Start a netcat listener on the target port specified by the client.
Connect a second netcat to the client's forward port, which the client prints in its logs once the handshake is complete.
You should then be able to write text between the two netcats.
To test that the encryption is working, open the ForwardThread file and uncomment the block of code indicated in that file.
This program requires that the server's and client's certificates have been signed by the same CA.
Generate the CA certificate and its private key:
openssl req -new -x509 -newkey rsa:2048 -keyout CAprivatekey.pem -out CA.pem
Generate the CSR for the client/server:
openssl req -out client.csr -new -newkey rsa:2048 -keyout clientprivatekey.pem
Sign the CSR with the CA:
openssl x509 -req -in client.csr -CA CA.pem -CAkey CAprivatekey.pem -CAcreateserial -out client.pem
We also need to convert the .pem formatted private key to .der:
openssl pkcs8 -nocrypt -topk8 -inform PEM -in clientprivatekey.pem -outform DER -out clientprivatekey.der
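The certificate steps above, run unattended for both server and client and followed by the two checks the setup depends on: each certificate chains to the same CA, and each .der key belongs to its certificate. This is an added example, not part of the project; the function names, the subject names, the otherCA files and the use of -nodes (unencrypted throwaway keys, so no passphrase prompt) are assumptions.

```shell
#!/bin/sh
# Added example: file names follow the README; everything is written to a temp directory.
# -nodes and -subj are added so the commands run without prompts (test keys only).

# Create a self-signed CA: writes $1.pem and $1privatekey.pem with subject CN=$2.
make_ca() {
    openssl req -new -x509 -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1privatekey.pem" -out "$1.pem" 2>/dev/null
}

# Issue a certificate for $2 signed by CA $1, then convert its key to PKCS#8 DER.
issue_cert() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$2privatekey.pem" -out "$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$2.csr" -CA "$1.pem" -CAkey "$1privatekey.pem" \
        -CAcreateserial -out "$2.pem" 2>/dev/null &&
    openssl pkcs8 -nocrypt -topk8 -inform PEM -in "$2privatekey.pem" \
        -outform DER -out "$2privatekey.der"
}

# Succeeds only if certificate $2 chains to CA certificate $1.
signed_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Succeeds only if DER private key $1 belongs to certificate $2.
key_matches_cert() {
    from_key=$(openssl pkey -inform DER -in "$1" -pubout 2>/dev/null) || return 1
    [ -n "$from_key" ] && [ "$from_key" = "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

work=$(mktemp -d) && cd "$work" || exit 1
trap 'cd / && rm -rf "$work"' EXIT

make_ca CA "Example VPN CA" && issue_cert CA server && issue_cert CA client || exit 1
make_ca otherCA "Unrelated CA" || exit 1   # a second CA, used only for the negative check

for who in server client; do
    signed_by CA.pem "$who.pem" && key_matches_cert "${who}privatekey.der" "$who.pem" \
        && echo "$who: certificate chains to CA.pem and matches its .der key"
done
# A certificate must not validate against a CA that did not sign it.
signed_by otherCA.pem client.pem || echo "client.pem rejected under otherCA.pem"
```

Running `signed_by` and `key_matches_cert` against your real files in certs/ before starting the server catches a mismatched CA or key before the handshake does.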
Below is a detailed set of steps breaking down how, using this project, a client and server create a secure communication channel.
The step numbers are referenced in the code at the points where each task is completed.