Board index » jbuilder » Certificates

Certificates


2004-08-05 05:38:33 PM
jbuilder18
Which open source/free class/library I should use to retrive CRL
distribution points from certificate?
 
 

Re:Certificates

Our group has decided that it wants to use Certificates to authenticate
remote PCs whenever they attempt to access our network. (If the software
has the proper Certificate, it can log onto our network.) The problem is
that no one here knows *anything* about Certificates! Being the newest one
here, I was naturally assigned the project and told to "look it up."
I have found some information, but all of it is over my head and seems very
general.
What group should I look to for information, tutorials, etc.?
Can an individual (like myself) create a Certificate or must they be
purchased from a third party (i.e. Thawte)?
What components are typically used to send/receive Certificates? (i.e.
Could I FTP it using Indy 9?)
Would I be expected to write a program for our server to analyze the
Certificate?
If someone is "up" on this, feel free to ask/answer more questions that I
don't even know about yet!
 

Re:Certificates

"poojo hackma" <poojo.com/mail>wrote in message
Quote
Can an individual (like myself) create a Certificate or must they be
purchased from a third party (i.e. Thawte)?
I don't know if it still has then, but OpenSSL (www.openssl.org) used
to have tools for generating custom certificates. Of course, if you want
real security, using certificates from a third-party authoity, such as
Verisign, is best.
Quote
What components are typically used to send/receive Certificates?
Certificates are exchanged over SSL. Both parties have to provide their
respective certificates to the SSL library when establishing the socket
connection. The contents of the certificates are exchanged and validated
automatically.
Quote
Could I FTP it using Indy 9?
You could, but that is not how certificates are to be used in the first
place.
Quote
Would I be expected to write a program for our server to analyze
the Certificate?
Since SSL sits on top of the TCP sockets, your server would simply have to
enable SSL, then validate the client's credentials when the SSL library asks
you to in a callback.
Gambit
 

{smallsort}