curl-users
Re: Verifying Server
Date: Thu, 29 Aug 2002 08:22:37 +0200 (MET DST)
On Wed, 28 Aug 2002, William E. T. wrote:
[I am far from an expert on this, but since no one else responds I can just
as well keep on blabbering...]
> Yes. Let's say I'm connecting to server my_secure_server.com, and I want a
> secure connection and I want to verify that this server is
> my_secure_server.com. How would I do this?
You have a CA certificate that you tell curl to use to verify the peer with.
With --cainfo.
> if I have a certificate, then do I need to pay anyone?
For what?
> (like a certificate authority) otherwise couldn't anyone make-up a
> certificate?
You don't want just "a certficiate", you want a CA certificate that can
verify the peer. You need to get one of those. If your peer's certificate is
signed by one of the CA in this package:
http://curl.haxx.se/ca-cert-bundle.pem.gz then you can use that.
> >You need a CA certificate (bundle) though to verify the peer against.
>
> A CA certificate (bungle)? Could you please elaborate?
A bunch of CA certificates. Often called "CA cert bundle".
> If you knows good URLS I don't mind RTFMing I'mjust kinda lost on how to do
> this.
I think you need to learn some basic skills on how SSL and certificates work
and interoperate. I'm afraid I cannot offer any good URLs to such info. I'm
not very good at it myself.
-- Daniel Stenberg -- curl related mails on curl related mailing lists please ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sfReceived on 2002-08-29