Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Tony wrote: >Charles Oram wrote: >>Hi, >>Is it possible to use CVSNT with sserver with self-signed client >>certificates? >>I've set up CVSNT to use sserver (with a Windows 2003 server) and I would >>ideally like to be able to use sserver with client certificates, but as >>far as I can make out this does not work with self-signed certificates. > >self signed certificates on the client make no sense - you might as well >not bother with them if you're going to do that. What I want is an extra level of authentication of the user by making them have to have their private key installed on the computer they are accessing CVS from, and making sure that the server only accepts logins from users where the server know's the user's public key. So if I install the user's self-signed certificate on the server, isn't that just giving the server the user's public key so that the server can authenticate the user? OK, I don't have the full chain of trust that you have with signed certificates, but you need more than a username and password to login to CVS then. I take it from your answer that my original assumption was correct, i.e. that CVSNT does not allow self-signed certificates? Looking at sserver.cpp it seems so. > >>Is there any possibility that future versions of cvsnt might have a >>configurable option to allow this? > >No. > >Tony Fair enough. guess I could always recompile my own version of sserver_protocol.dll if I was desparate to have it work that way. regards, Charles _________________________________________________________________ Become a fitness fanatic @ http://xtramsn.co.nz/health