daniel cc wrote: > Hi Arno, > Thanks for the response. > Yes I do understand but, > looks like, I can't explain correctly. > > My point is, > If I buy a certificate for the server, > I need to connect more than 5 clients to the same server. > Does this mean, I need to have 5 certificate or can I use 1 > certificate which has 5 keys?
Clients do not need a certificate (and key) to be able to connect to a SSL server. -- Arno Garrels > > I hope it is clear this time.. > > Thanks > > -----Original Message----- > From: Arno Garrels > Sent: Wednesday, June 15, 2011 1:55 PM > To: ICS support mailing > Subject: Re: [twsocket] SSL server and CLient cert. > > daniel cc wrote: >> Thanks again, >> can you please clear a bit up, >> I understand the server certification but, > > Do you realy? > >> where do I get the client key which is that PEM file? > > Do you need/want client certificates? If so, the server > will have to verify client certificates during the SSL handshake > process. > >> Is it delivered with the certificate or should I buy that separately? > > When you order a SSL certificate a matching key is created, > you always get a key along with your certificate otherwise a > certificate was useless. > > Usually you buy a SSL server certificate. Its common name field is > the DNS name of the server. i.e. to smtp.gmail.com or > www.microsoft.com. > > If clients may connect from dynamic IP addresses a certificate > can neither be issued to an IP nor to a DNS name, hence rather > useless. In such case a good password is as secure as a client > certificate that i.e. has some ID in it's common name field. > And if both clients and server are under your control it is > not required to buy a certificate, just create your own CA > and certificates (server and client if you like). > > -- > Arno Garrels > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be