>>> Kenneth Mutka <[EMAIL PROTECTED]> 12/08/99 07:55AM >>>
>... run mod_ssl without having Certificates? I just want the crypto
from the
>package, nothing else.
>Is that possible?
>If not, what should I choose instead?
That's not possible for *any* Public-Key cryptography system unless the
client already knows your public key (as can be done with SSH). This
isn't possible with HTTPS, of course, because every browser in the world
would have to be pre-stocked with the public key of every HTTPS server
in the world. The point of the certificate is to inform the client of
your public key (which is contained within the certificate) in such a
way that the client can believe you; ie, your public key is wrapped in a
certificate which is digitally signed by a trusted Certification
Authority. So you *have to* have a certificate to be able to do HTTPS!
Hope this helps.
--Cliff
Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/
Work: (540) 463-8089
Pager: (540) 462-2303
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
