I make a client and server certificate and then sign it with the root cert. Are these generated certificates the public keys? I can attach small data to an RSA key, but usually RSA is not used for actually encrypting the data. Is that right?
A specified cipher suite (e.g. sha1 for hashing etc.) is used. This is also where the encryption scheme for the actual data you send is defined. Not really sure about this.
I also use SSL_OP_EPHEMERAL_RSA and SINGLE_OP_SINGLE_DH_USE. So by this I see I use Diffie-Hellman for key exchange and then use RSA encryption for verification. The way this is done is very vague. How are both of these used together exactly? I know how both the Diffie-Hellman and RSA algorithms work as public/private keys. I think that in this case, for verification, a cryptographic hash (e.g. sha1) is made of the generated certificates and then this is used to match certs for verification. Also, I don't see exactly where my public key and private keys on both the server and client interact to encrypt and decrypt the data. Can someone explain this better?