From: R.I. P. <rip...@go...> - 2006-07-31 11:44:20
|
> > > > Anyway to use TLS whith self signed ceriticates? > > Not for all of the components, no. You can't use a self signed certificate for > anything that listens for TCP connections. The reasoning is that since you > can't validate a self signed cert, it's impossible to know if you're connected > to a legitimate server or a malicious man in the middle attacker. > > I'd reccomend using TinyCA to set up your own mini CA instead. you can use self signed certs for all components, I do, just use your own CA to sign them and be sure to distribute the CA root cert to all the clients and directors. -- R.I.Pienaar http://www.devco.net |