Hi, we have a client-server application. We want our client (win32
application) to be sure that it is talking to our server indeed (server auth.
only), and we wanted to have this communication secured. We are using
openssl on the client side. Our server is a java application.

We have created our root CA and issued a certificate to the server using the
root CA. We want to ship our clients with the root CA file. Although I
cannot spot any vulnerabilities in this scenario, there is this feeling that
something fundamental is missing. I have gone over network security books
and stuff but still... Can an intruder do harm using the root CA? Any
comments truly appreciated.

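The setup described in the post, reproduced with the openssl command line as an added example that is not part of the original message: a root CA signs the server certificate, and the client-side check against the shipped `ca.crt` is run on the genuine certificate, on one issued under the same CA name by a different key, and against a wrong hostname. All names, hosts and file paths are constructed placeholders.

```sh
#!/bin/sh
# Constructed demo PKI: every name, host and file below is a placeholder.
CA_SUBJ="/CN=Example Root CA"
HOST="server.example.test"

# make_ca DIR PREFIX: self-signed root. PREFIX.key stays with the issuer;
# only PREFIX.crt (public data) is shipped to clients.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "$CA_SUBJ" \
    -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# issue_server_cert DIR CA_PREFIX OUT_PREFIX: certificate for $HOST signed
# with CA_PREFIX.key.
issue_server_cert() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$HOST" \
    -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null
  printf 'subjectAltName=DNS:%s\n' "$HOST" > "$1/san.ext"
  openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
    -CAcreateserial -days 30 -extfile "$1/san.ext" -out "$1/$3.crt" 2>/dev/null
}

# client_accepts DIR CERT HOSTNAME: the client's decision, made with the
# shipped ca.crt: the chain must end at that root and the name must match.
client_accepts() {
  openssl verify -CAfile "$1/ca.crt" -verify_hostname "$3" "$1/$2" >/dev/null 2>&1
}

demo() {
  work=$(mktemp -d) || return 1
  make_ca "$work" ca                     # the real root
  issue_server_cert "$work" ca server
  make_ca "$work" lookalike              # same subject name, different key
  issue_server_cert "$work" lookalike rogue
  client_accepts "$work" server.crt "$HOST"      && echo "genuine server: accepted"
  client_accepts "$work" rogue.crt "$HOST"       || echo "look-alike CA: rejected"
  client_accepts "$work" server.crt "other.test" || echo "wrong hostname: rejected"
  rm -rf "$work"
}

demo
```

The check depends on the client actually enforcing both chain and hostname verification; the file shipped to clients holds only the CA's public certificate, while `ca.key` is what must stay protected.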