On Wed, Apr 07, 2004, Jochen Schaefer wrote: > Hi everybody, > > does anybody know how to accept a SSL certificate where only the > certificate date and the company which issued it have to be valid? > I want to establish a SSL connection between 2 tomcat web server where > both have the possibility to access each other. One has a static ip the > other one a dynamic ip. >
There's no reason in principle why you can't do that. In practice there needs to be some way to authenticate the server. The usual way is to match the user supplied hostname to that in the certificate. If you want to do something else then how or if you can do it depends on the client software. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
