SSL can be used to ensure the server identity (using server certificates) and, optionally, the client identity. How SSL can be used to ensure the server identity?
+2
A:
You need to check if the server certificate is signed with a key you can trust. Also it's common to put server address in the common name (CN) field of the certificate, so you should also check if it's the same as the address of the server you are trying to connect to.
Michał Piaskowski
2010-03-25 21:08:04
And most SSL frameworks pre-trust a finite list of well-known certificate authorities like Verisign, Thawte, and Globalsign for this purpose , so if you use one of these to sign the server certificate your work is done.
GregS
2010-03-27 16:06:24