Initializing the Context to Perform Server Authentication Only
To initialize the context to perform server authentication only:
1. Call RWSecureSocketContext::setIdentity() on the server’s context.
2. Call RWSecureSocketContext::prepareToAuthenticate() on the client’s context.
Be sure to replace trustedcerts.pem with the path and file name of your own trusted certificates file.
The examples in
Getting Started with Secure Sockets show server authentication only. For an example of a client application that reads a secure Web page from a server, see the example in
examples\secsock\httpsget.cpp.
Most TLS/SSL authentications that occur on the World Wide Web are server authentications only. This means that clients verify the identity of servers, but not vice versa.
For example, if you buy a book from Amazon.com, your Web browser is the client, and Amazon.com is the server. To ensure that your credit card information is sent only to Amazon.com, your Web browser performs a server authentication. Amazon.com’s server does not care if someone else is pretending to be you because Amazon.com verifies its clients by checking their credit card information.
If Amazon.com wanted to perform client verification, every potential customer would need a personal certificate. For this reason, most Web stores omit TLS/SSL client verification, and use their client’s credit cards to verify identity.