On Wed, 28 Aug 2002, William E. T. wrote:

[I am far from an expert on this, but since no one else responds I can just
as well keep on blabbering...]

> Yes. Let's say I'm connecting to server my_secure_server.com, and I want a
> secure connection and I want to verify that this server is
> my_secure_server.com. How would I do this?

You have a CA certificate that you tell curl to use to verify the peer with.
With --cainfo.

> if I have a certificate, then do I need to pay anyone?

For what?

> (like a certificate authority) otherwise couldn't anyone make-up a
> certificate?

You don't want just "a certficiate", you want a CA certificate that can
verify the peer. You need to get one of those. If your peer's certificate is
signed by one of the CA in this package:
http://curl.haxx.se/ca-cert-bundle.pem.gz then you can use that.

> >You need a CA certificate (bundle) though to verify the peer against.
>
> A CA certificate (bungle)? Could you please elaborate?

A bunch of CA certificates. Often called "CA cert bundle".

> If you knows good URLS I don't mind RTFMing I'mjust kinda lost on how to do
> this.

I think you need to learn some basic skills on how SSL and certificates work
and interoperate. I'm afraid I cannot offer any good URLs to such info. I'm
not very good at it myself.

-- 
 Daniel Stenberg -- curl related mails on curl related mailing lists please
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf