On Tue, Jun 13, 2006 at 09:20:04AM +0200, Marek Marcola wrote: > Hello, > > > In particular, having a separate certificate for each of the > > servers (desktop systems) really could be problematic considering > > the number of them, although having one for each client (print > > servers) could be feasible. > If you control all this - this may be acceptable.
No, I control the code on both sides, but not each site which want to install/use the software. I'd like to impose a minimal burden on the people who will manage each site. > > Someone suggested to me that I use stunnel on both sides. Could > > this be the solution ? > Yes. The problem with this is that from what I understand stunnel still needs a certificate on the server side, so we are back to having to create/purchase/manage possibly thousands of certificates, which is entirely impractical, unless running all servers with the same certificate is possible. Is it ? (again I don't really care if a server really is the server it pretends to be, I only want to be sure that the client is the client it pretends to be). Any other solution or hint ? bye Jerome Alet ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
