[cvsnt] Re: sserver

Tony Hoyle tmh at nodomain.org
Fri Jul 9 11:24:53 BST 2004


On Fri, 9 Jul 2004 00:54:26 +0200, "David Somers"
<dsomers at trevezel.com> wrote:

>IIRC, SSL is usually only used by the client to authenticate that the server
>is genuine... but it can also be used to also authenticate the client to the
>server (so both parties know each other are genuine). Scan through the
>OpenSSL docs for SSL_VERIFY_PEER.

It's possible but a lot more complex to setup, especially
automatically.   The client side verification is usually used to allow
login by certificate, which can work but needs quite a bit of
server-side configuration to be meaningful.

Tony




More information about the cvsnt mailing list