>>>>> "TassoA" == TassoA <[EMAIL PROTECTED]> writes:
TassoA> Hi, we have written a custom server application using
TassoA> OpenSSL, our application uses a self signed root CA
TassoA> certificate, this is required so we can control who can
TassoA> connect to our server.
TassoA> The server app we wrotte, requires client
TassoA> authentication. Am I right to say that the client requires
TassoA> a certificate for this?
Yes
TassoA> If the client requires a certificate then I must get my
TassoA> certificate signed using the server's certificate, is this
TassoA> right??
No. the client will be asked to present the certificate its
certificate to the server, who will then verify it against its known
root certificates
TassoA> The client application will be in JAVA using JSSE...
TassoA> Can someone please explain how to create a certificate
TassoA> with the JAVA keytool, and have it signed by our server's
TassoA> cert, from A-Z
Read the javadoc that comes with the JDK, the instructions are pretty
clear or else look at Java2 Network
security.
I have instructions for using JSSE with the enhydra app server at :
http://www.enhydra.org/software/documentation/enhydra/doc-3.0.1/SSL.html
- these contatain the steps to generate a certificate, thought the
javadoc is the best source.
JSSE example code is at:
http://www.latif.org/ssl/
steve
TassoA> Thanx
TassoA> ______________________________________________________________________
TassoA> OpenSSL Project http://www.openssl.org User Support
TassoA> Mailing List [EMAIL PROTECTED] Automated List
TassoA> Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
