Hi! I am trying to use OpenSSL to build secure authenticated channel between client and server. I want server to allow connections only from certain clients, and I want client to be sure it is connected to the right server.
I see how it could be done using certificates. However for my application generating certificates would be to complex for end user. The simplest way I see it would be to use RSA public/private keys: the way SSH does. So client and server each would have private/public key pairs generated. When, I would manually add server public key to client side and client public key to server side (server will possibly have more that one client key). If there is anything wrong with the way I am planning to do it? It seems to me that this should be pretty common usage. If somebody done this before I would appreciate any advice. I am new to openssl and still learning basics. Sincerely, Vadim -- "La perfection est atteinte non quand il ne reste rien a ajouter, mais quand il ne reste rien a enlever." (Antoine de Saint-Exupery) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
