> Viktor, out network is secure, but clients outside our network will > access it over the internet. I'm concerned about the client sending > his username/password in clear text over the internet, and thought SSL > would do the encryption trick with ease, using a self-signed > certificate. > > Andreas
If the certificate is self-signed, how will the client know it's sending the username/password to the server and not a malicious adversary? Is the client using a browser or software that you control? DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]