Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Re: Using SSL with fixed public keyby idsfa (Vicar) |
on Apr 30, 2006 at 15:47 UTC ( [id://546586]=note: print w/replies, xml ) | Need Help?? |
If you already have a copy of the server cert and the CA chain that signed it (public keys all), you simply need to verify on the client:
The above will fail if the client does not already have a copy of the server's public key in whatever directory your openssl.cnf file says they should reside. If you need to do additional verifications on your own, use SSL_verify_callback to specify your own additional code. If you were looking for some way of setting up a server without having it even send a public key, you're no longer talking SSL. Consider the Crypt:: modules in that case ... Updated: It would have been polite for you to mention that your update occurred after I had posted this ... The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon
In Section
Seekers of Perl Wisdom
|
|