--On Friday, January 25, 2002 8:12 AM +0100 Lutz Jaenicke
<[EMAIL PROTECTED]> wrote:
> On Thu, Jan 24, 2002 at 05:14:04PM -0500, Rob Beckers wrote:
>> From what I understand of the SSL/TLS protocol only the server's public key
>> (from the server cert) is used during the handshake. Therefore, do I
>> *have* to set a cert with SSL_CTX_use_certificate_file() (and a
>> password callback function) if all I want to do is have an SSL client
>> connect using an SSL connection and don't care about verifying the
>> server cert in any way?
>
> Search the mailing list archive for discussions about "ADH" ciphers.
>
> Best regards,
> Lutz

Hi Lutz,

Thanks for your reply (I really appreciate the effort you're putting forth
on this list!). But you seem to misunderstand my question. I'm talking
about RSA key-exchange, not Diffie-Hellman. The SSL/TLS protocol seems to
only use the server public key (from the cert) for the client to encrypt
the pre-master-secret. There doesn't seem to be any use of the client's
public key.

So the question is: If no public key is used for the client, why do I need
to set up a cert and key pair for an SSL client? Or can I do without? All
the sample code I've been looking at calls SSL_CTX_use_certificate_file()
and SSL_CTX_set_default_passwd_cb(), even for SSL clients. Can I do without
this?

Rob
-/-
Serv-U Author & Manager
Cat Soft, LLC
-- This message was entirely written using recycled electrons --
All about FTP Serv-U v3.1: http://www.Serv-U.com
FTP Serv-U list: http://www.Serv-U.com/mailinglist
----------------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]