Changing to HTTPS
Date: Wed, 11 May 2005 17:46:42 +0300
We have the following scenerio with us.
We have an HTTPS Client and a HTTPS Server.
There are only POST Requests being sent by the Client to which server responds.
Before this, we had support for just HTTP. The code that we have works fine.
Now we have to make changes to use HTTPS instead of HTTP
We are planning to make following changes to support HTTPS.
i. Server will have a self-signed certificate configured at its end.
ii. In the client code the CURL option, CURLOPT_SSL_VERIFYPEER will be set to ZERO.
Its assumed that the Server which is being connected is trustworthy. Only thing thats needed is the secure communication.
So, by just doing the above two changes in teh code can we get a secure communicaiton ?
I am assuming that certificate is still needed at the server side just to provide the public key to the Client during the connection setup.
Is there any anything else needed in the Client side other than the normal HTTP POST code.
It will great help if someone provide the information
Received on 2005-05-11