> Read Ralf's reply again - the certificate actually *contains* the > server's public key. The browser uses this to encrypt a session-key and > send this back to the server. Thereafter, the browser and server use > this common session key to communicate throughout the rest of the > session. > > Without a certificate, the browser can *never* establish communication > with the server. It's like opening a locked door without a key. Read > some of the docs for more details. > > If you don't care about authentication (or rather, if you believe your > clients don't care about authentication) then make a self-signed > certificate as described in the mod_ssl docs (see the website). This > will provide the free certificate you need to get SSL working. > > Rgds, > > Owen Boyle.
When I first started messing with SSL I too had wanted this but found it not possible. However, if you do a self-signed certificate then you have to send the public certificate to the users so they don't get that annoying pop-up. Otherwise you'll have to cough up some dough for a signed cert from a true authority. Sadly, in our wonderfully free Linux world, you hit a brick wall where you either have to 1) live with an annoying feature, 2) use a clumsy workaround or 3) pay, pay, pay. Jeff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
