> Viktor, out network is secure, but clients outside our network will
> access it over the internet. I'm concerned about the client sending
> his username/password in clear text over the internet, and thought SSL
> would do the encryption trick with ease, using a self-signed
> certificate.
>
> Andreas

If the certificate is self-signed, how will the client know it's sending the
username/password to the server and not a malicious adversary? Is the client
using a browser or software that you control?

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to