Awesome Open Source
Awesome Open Source


A lite TLS implementation used for learning(TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 GMSSL 1.1 ) based on

1.Not supporting multiplethreading.
2.The memory used for Atls(handshaked session) is less than 1k + 2*EVP_CIPHER_CTX(OpenSSL).

For daemon using


You can also specify the newer by using cryptodir where the OpenSSL being compiled and installed to.
make cryptodir=/$YOURPATH/openssl/.openssl

For GMSSL, the version of must be greater than OpenSSL-1.1.1a. Because the openssl-1.1.1 is in developing and may be changed greatly, please create issues if you have any question.

For Nginx using(Version 1.13.12)

Add void *a_tls; into struct ngx_connection_s.
compile like./configure --add-module=/$YOURPATH/a_tls/ --with-stream --with-http_ssl_module --with-stream_ssl_module --with-openssl=/$YOURPATH/openssl/.

Common Directives

stream {
    server {
        listen 443;
        a_tls_certificate ecc.pem;
        a_tls_certificate_key ecc.key;
        a_tls_certificate rsa.pem;
        a_tls_certificate_key rsa.key;

GMSSL Directives

stream {
    server {
        listen 443;
        a_tls_certificate gm.cert;
        a_tls_certificate_key gm.key;
        a_tls_sign_certificate gm.cert;
        a_tls_sign_certificate_key gm.key;

You can also mix SM2 certificate and TLS certificate to support both TLS and GMSSL.


For using GMSSL, plz using 360 GM browser and then change your client's local time before 01/01/2018(caues the daemon certificate has expired).

BUG reporting

1: Using Wireshark to capture the TLS packet.
2: Using make DEBUG=1 and paste the log info.
3: Certificates and Keys(Option).
4: Nginx configure file(Option).
5: Send to [email protected].

Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
C (183,732
Nginx (16,717
Certificate (11,220
Daemon (8,276
Ssl (7,689
Tls (4,954
Openssl (4,337
Tls Certificate (195
Tls13 (68
Sm2 (45
Gmssl (4