Hi I generated the key and self-signed certificate by doing the following:
openssl genrsa -out privkey.pem 2048 openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 I install the cert and key on my HTTPS server. From a browser, I entered https://serverIPaddress on the browser, the certificate then is loaded and accepted by the browser. The HTTPS server and the client (browser) can now talk via HTTPS connection. Could you explain -- (1) what was just going on during the negotiation and security connection setup? The sequence of the handshaking. (2) Is the public key part of the certificate being passed to the client? (3) Did the server authenticate the client in this process? or there is no authentication in this type of handshaking? (4) What does the server do with the key generated (privkey.pem)? Is this the private key? Does the client need to know about this key? (5) Do both the server and client use the key to encrypt and decrypt the data packets? Which key do they use? Could you recommend any docs that explain all these. Thanks, -Grace -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Friday, March 03, 2006 6:44 AM To: openssl-users@openssl.org Subject: Re: SMIME version 3 support On Fri, Mar 03, 2006, Perry L. Jones wrote: > Hello, > > The man page for smime says that openssl does not support smime > version > 3. Under the BUGS section. > > http://www.openssl.org/docs/apps/smime.html > > Does anyone know if there is any work being done to support smime > Version 3? > There have been many queries and discussion but so far no one has been willing to fund the effort: it is a *lot* of work. > If not is there possible another C api that already has support for > parsing smime version 3? > In practice you rarely need S/MIME v3. Is there some specific feature you require? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
