> So could someone guide me with the best practices used in such scenarios? > Is there a way to securely embed the private key in the installers / CA > certificate?
I guess I'm confused. What purpose would a certificate serve if anyone can generate one that serves any purpose? If I can generate a certificate that says I'm the pope just by entering that into your installer, then a certificate that says I'm the pope doesn't prove I'm the pope. So what's the point of the entire exercise?! DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]