cURL / Mailing Lists / curl-library / Single Mail

curl-library

SSL Client authentication

From: Eric Rautman <erautman_at_email.com>
Date: Tue, 17 Apr 2001 16:09:56 -0400 (EDT)

A question about client authentication using libcurl's
curl_easy_setopt(curl, CURLOPT_SSLCERT, crtfile) function.

the documentation mentions that 'crtfile' must contain the concatenation of
the private key and the cert itself.

Does this concatenated file need to be stored at the server? If so, isn't
this a serious security risk? I thought the idea behind asymmetric
encryption was to keep the private key at the host, not distribute it with
the cert.

Or is the cert stored at the server without the private key concat'ed? Does
libcurl send this concat'ed file to the server at client authentication
time, or just the cert itself?

Thanks,
Eric

-----------------------------------------------
FREE! The World's Best Email Address @email.com
Reserve your name now at http://www.email.com

_______________________________________________
Curl-library mailing list
Curl-library_at_lists.sourceforge.net
http://lists.sourceforge.net/lists/listinfo/curl-library
Received on 2001-04-17

This message: [ Message body ]
Next message: Puneet Pawaia: "Re: Resuming on persistent connection"
Previous message: Michael Saunders: "Question about the libcurl API?"
Next in thread: Daniel Stenberg: "Re: SSL Client authentication"
Reply: Daniel Stenberg: "Re: SSL Client authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]