> > Hello, > > I suspect more or less the same can be used to set up a HTTPS > connection > with a known certificate ? > > Maybe this is something to be added to the WIKI ? > > Michael. >
You mean client authentication (the HTTPS server has a list of public keys of the authorised users)? When using cryptlib you'll have a similar pk conversion problem. It should be much easier to set up with OpenSSL which has support for ssl client authentication and looking at the synapse code it is supporting it also. Use Sock.SSL.PrivateKeyFile for the private key file (pem or asn1 format, only first key used while cryptlib uses the additional label to select from multiple keys) and Sock.SSL.KeyPassWord for the password used to encrypt the private key. For SSH the main difficulty is that only synapse+cryptlib supports SSH and synapse has taken a shortcut in using only private keys from file which, in cryptlib, is restricted to pkcs15 or pgp keyring. Ludo _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-pascal
