
Developed a secure real-time chat application in C++17 on Linux, using mutual TLS (mTLS) and OpenSSL for bidirectional certificate-based authentication and encrypted communication. Built a multithreaded server to support multiple concurrent clients and implemented additional password security.


Subrat-03/Secure-Chat-System-using-Mutual-TLS


Secure Chat System with Mutual TLS (mTLS)

A secure, terminal-based chat application developed in C++ using mutual TLS (mTLS) with OpenSSL.
This project demonstrates a production-grade security mechanism where both client and server authenticate each other using digital certificates, ensuring confidentiality, authenticity, and integrity of all communications.


Features

  • Mutual TLS authentication: both server and client verify certificates.
  • TLS 1.3 encrypted communication ensuring secure message exchange.
  • Multi-client support with concurrent connections via multithreading.
  • Modular C++ codebase designed for scalability and portability.
  • Tested on Linux systems with planned extension for Windows compatibility.

System Architecture

High-Level Workflow


[ Client 1 ] --\
[ Client 2 ] ---- mTLS ----> [ Secure Chat Server (C++) ]
[ Client N ] --/

Architecture Diagram


Technology Stack

  • Language: C++17
  • Security: OpenSSL (TLS 1.3, X.509 certificates)
  • Concurrency: POSIX Threads (Linux)
  • Build Tool: CMake

Project Structure

secure-chat-mtls/
│── src/
│   ├── server.cpp        # Server implementation
│   ├── client.cpp        # Client implementation
│   ├── tls_utils.cpp     # TLS and certificate utilities
│── include/              # Header files
│── certs/                # Certificates (generated locally)
│── scripts/
│   └── generate-certs.sh # Helper script for certificate generation
│── docs/
│   ├── architecture.png  # System diagram (placeholder)
│   └── demo.png          # Terminal session screenshot
│── CMakeLists.txt
│── README.md

Prerequisites

  • C++17 or later
  • OpenSSL (>= 1.1.1)
  • CMake build system
  • Linux/Unix-like environment (initial testing platform)

Installation

  1. Clone the repository

git clone https://github.com/Subrat-03/Secure-Chat-System-using-Mutual-TLS.git
cd Secure-Chat-System-using-Mutual-TLS

  2. Generate certificates

Run the helper script to create CA, server, and client certificates:

./scripts/generate-certs.sh

This generates:

  • ca.crt – Certificate Authority
  • server.crt, server.key – Server certificate and private key
  • client.crt, client.key – Client certificate and private key

  3. Build the project

mkdir build && cd build
cmake ..
make

Demo Video

A short demonstration video of the system in action is included in the repository.

Start the Server

./server ../certs/server.crt ../certs/server.key ../certs/ca.crt

Start the Client

./client ../certs/client.crt ../certs/client.key ../certs/ca.crt

Security Considerations

  • Both server and client must present valid certificates signed by the same Certificate Authority (CA).
  • TLS 1.3 is enforced to guarantee strong encryption.
  • Private keys (.key files) should be stored securely and excluded from version control.
  • Only CA-signed clients are permitted to connect, preventing unauthorized access.
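
The CA rule above can be checked offline with the openssl command line before any certificate is handed to the server or client. The script below is an added example, not the project's generate-certs.sh or other code from this repository; the names demo-ca, other-ca, client and intruder, the helper functions and the one-day lifetime are assumptions made for the demonstration.

```shell
#!/usr/bin/env bash
# Added example, not the project's generate-certs.sh. CA names, subjects and
# the one-day lifetime are constructed for this demo.
set -u
WORK="$(mktemp -d)"                 # scratch directory, removed on exit
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: self-signed CA certificate NAME.crt with key NAME.key
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# issue_cert CA NAME: key and CSR for NAME, then a certificate signed by CA
issue_cert() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$WORK/$2.csr" -days 1 -CAcreateserial \
    -CA "$WORK/$1.crt" -CAkey "$WORK/$1.key" -out "$WORK/$2.crt" 2>/dev/null
}

# chain_ok CA NAME: true only if NAME.crt chains to CA.crt, the same path
# validation a TLS peer runs against its configured CA file
chain_ok() {
  openssl verify -CAfile "$WORK/$1.crt" "$WORK/$2.crt" 2>&1 | grep -q ': OK'
}

# key_matches CERT KEY: true only if KEY.key is the private key of CERT.crt
key_matches() {
  pub="$(openssl x509 -in "$WORK/$1.crt" -noout -pubkey 2>/dev/null)"
  [ -n "$pub" ] &&
    [ "$pub" = "$(openssl pkey -in "$WORK/$2.key" -pubout 2>/dev/null)" ]
}

make_ca demo-ca  && issue_cert demo-ca  client     # issued by the trusted CA
make_ca other-ca && issue_cert other-ca intruder   # valid cert, wrong CA

for c in client intruder; do
  if chain_ok demo-ca "$c"; then echo "$c: accepted"; else echo "$c: rejected"; fi
done
key_matches client client   && echo "client.key matches client.crt"
key_matches client intruder || echo "intruder.key does not match client.crt"
```

The intruder certificate is well formed and correctly signed, but by a CA the verifier was not given, so it is rejected; that is the property the server relies on when it is started with ca.crt.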
