RE: a task that I'm sure someone has solved - And a newbie question to boot!

Tue, 28 Sep 1999 06:35:04 -0700 

Hi All,

I've doing the same task, and have found it easiest using the simple client
example in the demos\ssl directory - s_client is reasonably complex for what
is a reasonably simple task.

What I don't understand is how to authenticate the server once the secure
connection has been established - In theory, I believe, it could be any
secure server using any snakeoil CA that I have connected to.

Is there an standard method for a client to authenticate a server & a
server's CA?  It seems to be a basic enough function, but I keep getting
lost in the headers.

Is it enough just to parse the details provided by
X509_get_issuer_name  (server_cert) ? (I don't think so)

Any help or pointers appreciated,

Cheers,

Ian.
----


The mysterious comment in cli.cpp:

  /* We could do all sorts of certificate verification stuff here before
deallocating the certificate. */

tells me I'm missing something.






-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Holger Reif
Sent: Tuesday, September 28, 1999 7:39 AM
To: [EMAIL PROTECTED]
Subject: Re: a task that I'm sure someone has solved


Craig Idler schrieb:
>
> Hi -
>
>  I would like to use the OpenSSL library with an application to send
> http method requests to a ssl enabled web server.

openssl s_client utility can do this. But you need to craft
the HTTP Request by hand (that shouldn't be to hard)

> In addition, I must
> be able to interact with the server to provide user:password
> information.

That shouldn't be to hard as well, since it involves only
encoding of the password. Kind of base64? don't know, check the
releveant RFC. But if this is the case openssl is your friend as
well with "openssl base64 -e"


--
Holger Reif                  Tel.: +49 361 74707-0
SmartRing GmbH               Fax.: +49 361 7470720
Europaplatz 5             [EMAIL PROTECTED]
D-99091 Erfurt                    WWW.SmartRing.de
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to