Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
On Mon, 13 Aug 2007 21:07:51 -0300, Gerhard Fiedler <lists at connectionbrazil.com> wrote: >Bo Berglund wrote: > >>>> With sserver you also get the encryption security. Sserver is as simple >>>> to set up as pserver. >>> >>> Don't you have to create and distribute certificates? >>> >> >> Ther creation of the server certificates is done as part of the cvsnt >> server installation. The client does not need a certificate AFAICT, so >> it is just a matter of connecting. >> You need to do a cvs login after setting the CVSROOT to >> :sserver:user at cvsserver:/repository > >Thanks. What kind of certificate is that? Is it recognized by a CA? If not, >don't I have to add it to the allowed certificates on the client machines? > Well, I really do not know how it works.... During the installation of CVSNT server there is a task to create default certificates. What that does I don't know. But apparently sserver uses some form of encryption scheme and I always was under the impression that the certificate created during install is used for this. But that was just an assumption. In the case of a client using sserver, there are no extra actions needed as far as I know than to replace p with s in the protocol specification. Then the CVSNT client will negotiate some kind of session encryption with the server I think much like the https protocol does on secure web sites. After negotiation the entire following conversaition is encrypted, I believe. Tony/Arthur could perhaps shed some more insight on this? HTH /Bo (Bo Berglund, developer in Sweden)