> I  want use the Overbyte ICS component for sending Mails with SSL. 
> The demo is running fine (I can send Mails).

> Now I wanted to create my own certificates (according to the 
> instructions in the directory SSlCerts File IcsSslBuildCerts.bat).

SSL client applications generally don't need SSL certificates, they are
required by all servers to actually encrypt the data, and optionally to prove
the server and domain match.  

An SSL client only needs a private key and certificate if it needs to prove
it's identity to the server as a second level over passwords, and the server
owner would normally issue the certificates. 

If you want to create a certificate request to buy an SSL certificate or create
a untrusted self signed certificate, build the OverbyteIcsPemTool sample
application which provides a GUI to do all this.  You can copy the code into
your own application for end users, generally only servers again.  

If an SSL client wants to check the server certificate is trusted, you need a
trusted store of root certificates, and these regularly expire or are cancelled,
so need to kept up to date somehow. 

The OverbyteIcsPemTool allows you to explore the Windows trusted store and
export all the trusted certificates into a single file or directory that
OpenSSL understands.  Or look at the OverbyteIcsMsVerify sample that
illustrates how to check certificates directly against the Windows trusted
store (which Windows Updates keeps up to date).

BTW, secure email testing is best done against Google gmail.  

Angus

-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to