Posted by Colin McKinnon on 08/10/06 21:53

Notgiven wrote:

> A book (Pro PHP Security) I read has some details about it but it is not
> very clear and I need to learn more.
>
> What I gleaned is possible in this book is that the php code can encrypt
> data using the server's public key certificate before sending it to the
> database. Then the user, who has a private key created from that
> servers's public key, is the only one who can decrypt the data.
>
> This is similar to the way Lotus Notes works with PKI and X.509 certs.

This is exactly the same as how Lotus Notes works with PKI and x509 certs.

>
> Any links or how-tos where I can learn more is MUCH appreciated!

OMG, is Google down?

Try the SSL certificates Howto, and the SSL functions in the PHP manual.

C.

• Next in forum: Re: newbie PHP question
• Prev in forum: Re: how do i avoid typing the keyword "$this->" every time inside a class
• Thread view: Re: how to use server certificate to encrypt data, then use private cert/signature to decrypt?

[Reply to this message]