Deepak Mundra wrote:
> I have written a server client application in which I'm using self-signed SSL
> certificates. How can I make sure that only known clients can connect to my
> server using an SSL connection?

Simply define *precisely* what you mean by "known clients" and test for that. If a connection doesn't meet your precise criteria for a "known client", break the connection. If you don't know what you mean by "known client" then you need to do some thinking about what your application is trying to do.

The typical way this is done is as follows:

1) The client verifies that it has reached the server it intended to reach by verifying the server's certificate.

2) Since the client knows it has a secure connection to the intended server, it can send a username, password, and other simple authentication information.

3) The server determines if it should talk to this client or what permissions it should give it based on the validity of the information sent in step 2.

This mechanism may or may not be appropriate for your solution. It depends on whether "known client" means "one that knows a valid username/password combination for this server". If it means something else, the solution is something else.

DS

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
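
The three steps in the reply above, sketched with Python's ssl module (which wraps OpenSSL). This is an added example, not code from the original post; the function names, the 'username:password' login line and the certificate path are assumptions made for illustration.

```python
import hashlib, hmac, os, ssl

def client_context(server_cert_file=None):
    """Step 1: the client trusts only the server's own self-signed certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    if server_cert_file:  # hypothetical path to a copy of the server certificate
        ctx.load_verify_locations(cafile=server_cert_file)
    return ctx  # with no file loaded, every handshake fails (fail closed)

def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def enroll(users, username, password):
    """Store a salted hash, never the password itself."""
    salt = os.urandom(16)
    users[username] = (salt, _derive(password, salt))

_UNKNOWN = (b"\0" * 16, b"\0" * 32)  # lets unknown names cost the same work

def is_known_client(users, login_line):
    """Steps 2-3: judge one 'username:password' line (format is an assumption)."""
    text = login_line.rstrip(b"\r\n").decode("utf-8", "replace")
    username, sep, password = text.partition(":")
    salt, stored = users.get(username, _UNKNOWN)
    ok = hmac.compare_digest(_derive(password, salt), stored)
    return bool(sep) and username in users and ok

def serve_one(tls_conn, users):
    """Break the connection unless the peer meets the 'known client' criteria."""
    if not is_known_client(users, tls_conn.recv(1024)):
        tls_conn.close()
        return False
    tls_conn.sendall(b"OK\n")
    return True
```

In real use, `tls_conn` is the server-side `ssl.SSLSocket` after the handshake has completed, so the login line is only ever read from an encrypted session.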