Hi, Please understand I'm a newbie to security if my question sounds rather elementary.
The embedded product I'm working on requires a secure connection to our server that uses a Verisign certificate to authenticate. I've been porting the OpenSSL examples from the O'Reilly publication so far and I have been successfully able to make a secure encrypted connection without authentication. (example client1.c). Our next step it to implement authentication using a Verisign cert. 3rd party CA's are talked about in the book very nicely but the focus is on the server, and very little is discussed regarding what the client needs to implement, unless I'm not reading in the right place, or there's very little else for the client to do. It would seem that I would have to implement much of example client2.c; or essentially call: 1. SSL_CTX_load_verify_locations() with the trusted certificates file 2. SSL_CTX_set_verify() with the SSL_VERIFY_PEER flag set Do I have to add anything else to the trusted certificates file or will OpenSSL magically know to authenticate with Verisign? Is this all I need to do? Any references on the net to help me better understand would be apprciated as well. thanx /carl h. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
