Edward Diener wrote: > Well I asked whether protection for the client side certs were needed, > and how this might be done, and I was told I was barking up the wrong > tree, so to speak. I felt this way from the very beginning but my > employer wanted to get other opinions.
You are either unclear on the concepts that others are trying to convey, or are abusing the terminology. Certs don't require protection, they don't contain any private data, etc. > Once again the specific issue is that the MySQL server database has a > certificate from a CA authority with a server public-private key and my > client application was issued the same certificate from the CA authority > with a a client public-private key. No, it wasn't issued the same certificate. Such an assertion is absurd. > .... I need to pass the file location of > the client CA certificate/public-key/private-key ... "client CA certificate/public-key/private-key" is an indication you should stop talking and start listening. It's clear that there are fundamental concepts here that you have yet to grasp, and yet in response to attempts by others to instruct you, you just keep telling us how smart you are, while demonstrating the opposite. Anyone who talks of "hiding the client certs" is clueless. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
