Please help me get my facts straight on what this is all about.
What I want to do:
Send an XML string from a non-browser client to a server, but securely, because it
will contain credit card information and other personal junk.
It has to be on the Mac and Windows platforms at least.
Steps I see:
Use OpenSSL because I can get that for OS X and also for Windows.
OK, after that, I'm fuzzy.
Steps I vaguely see, please help me if you can:
1) We have a Win2K server. What do I do to get it to see and talk to SSL connections
coming from the client?
Do I need to install OpenSSL there, or will OSSL talk to whatever
existing SSL things MS has built into IIS on Win2K?
Is there a setting I need to tweak, or will IIS do this out of the box?
2) I need to use the command line utility that comes with OSSL to make
uh..what? A private key? A certificate? The user will never see
this stuff, hopefully.
3) I need to put a copy of the private key on the server and the client,
and somehow that gets used to to encrypt the private information
the client sends.
4) I use the OSSL libraries (or possibly call the command line utility from
a program) to set up and SSL link and send my information to the
server.
5) Do I need to write server code that is looking for this link, this
information, and then decodes it?
I'm sorry to be so confused and thick headed. I didn't think about SSL at all before
about a couple of weeks ago, and I'm trying to understand the big picture. If anybody
feels compassion and has the time to step through this with me, I'd be very grateful.
It's been good just reading through the list, although it's like being in the ER right
after a big explosion down town.
john
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
