On 09/07/2011 01:42 PM, Andrea Spadaccini wrote:
Hello,
I am implementing SPICE support in Ganeti
(http://code.google.com/p/ganeti), and while implementing TLS I
noticed that the SPICE server needs, apart from his key and
certificate, also the certificate of the CA that signed its
certificate.
I found the relevant code in reds.c (reds_init_ssl()), but I am not
very confident with SSL so I don't really understand why the server
would need the CA certificate.
Can anyone explain it to me?
You cannot verify a certificate if you don't have the certificate of the
authority who signed that certificate - which is the CA.
Y.
Thanks,
Andrea
_______________________________________________
Spice-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/spice-devel
_______________________________________________
Spice-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/spice-devel
