> TLS support in general may come in handy, but this certificate
> thing requires I guess that you have a real webserver with a real
> non local DNS name.

> I used OpenSSL to generate some certificate 

There are two possibilities here: 

1 - Use a public domain and certificate that does not generally have
any public facing servers, except for port 80 when you collect the
certificate.  Your internal DNS then points that domain to your
internal server.  The component has a built in web server for this
purpose, but not yet implemented.  

2 - Become your own certificate authority, by creating your own root
certificate that is installed on your client PCs once only.  You then
issue server certificates signed by the CA root, which will be trusted
by Windows without any warnings.  If you have ICS applications
accessing the server, they need the root CA as well. 

This is how my internal network works, I have a root called Magenta
Development CA that is used to sign all the server certificates.
Originally I used OpenSSL batch files to do this, but ICS now has
functions to create certificates signed by a CA, so you can add that to
your application.  

The PemTool sample can be used to sign certificates as a CA, but it is
quite complex in the sequence of files you create, sign and save, and
even I don't always get it correct, it really needs a better sample for
that purpose alone.  

I thought about creating an ICS CA certificate for testing the samples,
but that would mean distributing the private key as well which is
considered criminal in the SSL world. 

Angus


 


 

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
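
Option 2 from the message above, sketched with the OpenSSL command line as an added example (it is not the batch files, ICS functions or PemTool sample the message refers to): a private root is created once, then used to sign a server certificate for an internal DNS name. The function name, CA subject and host name are constructed placeholders.

```shell
#!/bin/sh
# Added example: private root CA plus one server certificate signed by it.
# Function name, CA subject and host name are constructed placeholders.
make_internal_ca() {    # $1 = output directory, $2 = internal DNS name
    dir=$1; host=$2
    mkdir -p "$dir" || return 1
    (
      cd "$dir" && umask 077 &&    # new key files readable by owner only

      # Root: self-signed, flagged as a CA, usable only for signing.
      printf '%s\n' '[req]' 'distinguished_name = dn' 'prompt = no' \
          'x509_extensions = v3_ca' '[dn]' 'CN = Example Internal Root CA' \
          '[v3_ca]' 'basicConstraints = critical, CA:TRUE' \
          'keyUsage = critical, keyCertSign, cRLSign' \
          'subjectKeyIdentifier = hash' > ca.cnf &&
      openssl genrsa -out ca.key 2048 2>/dev/null &&
      openssl req -x509 -new -config ca.cnf -key ca.key -sha256 \
          -days 3650 -out ca.crt &&

      # Server key and signing request for the internal host name.
      printf '%s\n' '[req]' 'distinguished_name = dn' 'prompt = no' \
          '[dn]' "CN = $host" > server.cnf &&
      openssl genrsa -out server.key 2048 2>/dev/null &&
      openssl req -new -config server.cnf -key server.key -out server.csr &&

      # Leaf extensions: not a CA, server use only, host name in the SAN
      # (clients match the name against subjectAltName).
      printf '%s\n' 'basicConstraints = critical, CA:FALSE' \
          'keyUsage = critical, digitalSignature, keyEncipherment' \
          'extendedKeyUsage = serverAuth' \
          "subjectAltName = DNS:$host" > server.ext &&
      openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key \
          -CAcreateserial -sha256 -days 365 -extfile server.ext \
          -out server.crt 2>/dev/null &&

      # The chain must validate against the root alone.
      openssl verify -CAfile ca.crt server.crt >/dev/null
    )
}
# Usage: make_internal_ca ./ca-demo intranet.example.test
```

Only `ca.crt` is installed on the client PCs; `ca.key` stays on the machine that signs.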
