Just to be more elaborate, all that has been configured (for security purposes) is ::
################################################################### SSLCertificateFile = /etc/ssl/certs/ssl.crt SSLCertificateKeyFile /etc/ssl/certs/ssl.key ################################################################### in "ssl.conf", and (i think) this is available only to the server. So, the data can be encrypted, but I am still clueless as to how is it decrypted at the client side. Regards, Ajay On Mon, Mar 26, 2012 at 10:24 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Thanks Eric for the reply. > > Eric, but how is the shared secret comfigured? > I do not remember configuring anything like this for the HTTPS-based > WebDAV server. > > Thanks and Regards, > Ajay > > > On Sun, Mar 25, 2012 at 11:39 PM, Eric Covener <cove...@gmail.com> wrote: > >> > BUT, HOW IS THE CLIENT ABLE TO DECRYPT THE DATA? (I have been running >> both >> > webdav server and client on the same machine; so it might very well >> > be the case that some info from "ssl.conf" and/or "httpd.conf" is being >> used >> > at the client side. However, I am just guessing ... >> >> Under SSL, the client and server negotiate a shared secret used to >> encrypt/decrypt the data. >> >> They can set this up securely because the client starts this process >> with info encrypted with the servers public key. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >> >
