Thanks to both. It's much clear to me now.
Best regards,
--
If you want freedom, compile the source.
Sebastián Treu
http://labombiya.com.ar
__
OpenSSL Project http://www.openssl.org
User Support M
On 05-07-2010 15:39, Sebastián Treu wrote:
Hi,
I'm not much related with security, certificates and authentication,
but If anyone can gather our server certificate this way:
echo | openssl s_client -connect ${MY_SERVER}:443 2>&1 | sed -ne
'/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'> mycert.pe
* Sebastián Treu wrote on Mon, Jul 05, 2010 at 10:39 -0300:
> if we can use a fake DNS that resolves a name as we want and
> also we can gather that certificate to be installed in the
> fake-server,
This fake-server would not have the secret key belonging to the
public key certified in the (publi
Hi,
I'm not much related with security, certificates and authentication,
but If anyone can gather our server certificate this way:
echo | openssl s_client -connect ${MY_SERVER}:443 2>&1 | sed -ne
'/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > mycert.pem
How can we avoid a possible hacked DNS ser