> Sounds like you would need a dedicated server or virtual directory.
>
[GOMEZ Henri] Ya, a sort of relay to private resources to users
around the net.
> Why would you let the clients that do not provide a cert
> continue access?!?
>
[GOMEZ Henri] Yes, I don't want people without a certificate
generated by my CA.
> > I used SSLeay tool CA.sh to build a private CA.
>
> This will give you a CA public certificate.
>
[GOMEZ Henri] A public CA certificate ??? What do you means
exactly by public since self generated and thus not linked with certs
from Verisign or Thawte.
>
> > But got in server messages:
> >
> > "unable to get local issuer certificate"
>
> Have you put the CA certificate into s_server's directory?
>
[GOMEZ Henri] No, but I started to developp my own SSL relay
(warped) using part of mod_ssl sources. I hope to announce it soon. But
will be first only Linux/Redhat based, since I'm not a autoconf guru ;-)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
