Hi, As you may have guessed from previous mails I am new to openSSL. Could anyone spare a few moments to check my understanding of the following. I am writing some client code which will sent requests via SSL. 1) I use SSL_CTX_use_certificate_file to load my digitally signed public key. The server may then get access to this key/certificate for authentication. 2) I use SSL_CTX_load_verify_locations to load the list of server approved CA's, allowing the client to verify certificates sent by the server. 3) Use SSL_CTX_use_RSAPrivateKey_file to inform SSL of the client certificates private key. Q1) Are the above reasonable ? Q2) Are private keys allways protected by a passphrase, regardless of the software used to create the certificate request? ( I know they can be removed ) regards Andy
begin:vcard n:Griffin;Andrew tel;home:0018 9722935 tel;work:0118 9245580 x-mozilla-html:FALSE adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] note:IMAP://ims1.uk.oracle.com?fetch>UID>/Personal>183&part=1.2 x-mozilla-cpt:;-25280 fn:Andrew Griffin end:vcard
