Is it possible to have null, untrusted, or shared certificates, to simplify deployment for apps that don't care about SSL?
Basically I have an infrastructure that uses OpenSSL for comms. As it is protocol based, it's important that everything runs the same code (I.e. I don't want different ports for non-SSL comms, and the SSL sockets require different blocking mechanisms otherwise deadlocks). However, some applications using the infrastructure won't care about TLS. To ease development/deployment for those, I don't want them to have to define certificates, CAs, etc etc for nothing. Rather, is there anyway I can package the code such that there is a default (insecure certificate/CA) that they can use which will work with other SSL clients (though insecurely); or they can specify their own for real security? Essentially, just want some sort of default SSL certificate that is accepted, can be used to establish a connection just as any other, but doesn't actually provide security. Advice welcome!! thanks! ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
