1

I have an app made using angular and electron.I use http and https in my application. Electron uses BoringSSL which is a fork of openssl. I want to know if openssl of electron is used in any way for my application.

I am new to openssl and as far as I know it is used to generate keys and install certificates. I am not doing any encryption or signing of certificate in my app. Electron somewhat acts like a browser, so even for Http and Https calls, is openssl used?

The openssl used in electron is not FIPs compliant, so I want to know if openssl of electron is used for my application in any way.

Shubham
  • 95
  • 13

1 Answers1

2

Electron does not only act as a browser, it is a browser. Under the hood, it uses Chromium, the open source version of Google Chrome. Since Chrome uses BoringSSL for TLS and SSL encryption on HTTPS, yes, Electron will use BoringSSL for your application (if you use any encrypted traffic, not only HTTPS but also wss://, "secure websockets", for example).

Alexander Leithner
  • 3,169
  • 22
  • 33