daniel cc wrote:
> Hi Arno,
> Thanks for the response.
> Yes I do understand but,
> looks like, I can't explain correctly.
> My point is,
> If I buy a certificate for the server,
> I need to connect more than 5 clients to the same server.
> Does this mean, I need to have 5 certificate or can I use 1
> certificate which has 5 keys?
Clients do not need a certificate (and key) to be able to
connect to a SSL server.
> I hope it is clear this time..
> -----Original Message-----
> From: Arno Garrels
> Sent: Wednesday, June 15, 2011 1:55 PM
> To: ICS support mailing
> Subject: Re: [twsocket] SSL server and CLient cert.
> daniel cc wrote:
>> Thanks again,
>> can you please clear a bit up,
>> I understand the server certification but,
> Do you realy?
>> where do I get the client key which is that PEM file?
> Do you need/want client certificates? If so, the server
> will have to verify client certificates during the SSL handshake
>> Is it delivered with the certificate or should I buy that separately?
> When you order a SSL certificate a matching key is created,
> you always get a key along with your certificate otherwise a
> certificate was useless.
> Usually you buy a SSL server certificate. Its common name field is
> the DNS name of the server. i.e. to smtp.gmail.com or
> If clients may connect from dynamic IP addresses a certificate
> can neither be issued to an IP nor to a DNS name, hence rather
> useless. In such case a good password is as secure as a client
> certificate that i.e. has some ID in it's common name field.
> And if both clients and server are under your control it is
> not required to buy a certificate, just create your own CA
> and certificates (server and client if you like).
> Arno Garrels
> To unsubscribe or change your settings for TWSocket mailing list
> please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
> Visit our website at http://www.overbyte.be
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be