Hey all,
I've been trying to put together a simple secure pop3 client (just login
and check number of available messages) to test out the openSSL library
but I can't seem to find any good tutorials or examples that really
explains what's going on with certificates. Can someone point me in the
direction of some documentation that might help me get started? Or at
least outline the process of setting up a tcp/ip client like this?
I expected that the process would be something like:
1. login
2. retrieve server's certificate
3. do something to decide if the client should trust it
4. then continue on my merry little way with pop transactions
From the documentation available, I can't quite wrap my head around the
SSL_CTX_load_verify_locations step (which, evidently, comes before
connecting to the server). It seems like this function is used to load
and validate some certificates, but I can't figure out whose. Are these
stored copies of servers' certificates or are they certificates to
identify the client computer? When the program first runs, these
certificates wont exist, correct? What needs to be verified at this
point? Is there a way to generate an empty certificate store if it
doesn't exist yet (first run case)?
Any help would be appreciated.
Josh Bialkowski
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
