"Tobias Mattsson" <[EMAIL PROTECTED]> writes: > Well it might not be such a good design, > but what I asked initially was only if it is possible to restrict apache from giving >the cert out, and if that somehow can stop people from connecting to the server >without having the certificate. No. This violates the SSL specification.
> This is necessary since I am using a stripped SSL implementation on > the client side that does not support client authentication (The > clients will be Digital-TV set-top-boxes with OpenTV OS). I'm a little puzzled by this: the additional cost of adding client authentication TO THE CLIENT is very small. Essentially, it's being able to transmit two additional messages. Be better just to add client auth. Or, use passwords. -Ekr ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
