Hello, This is more a general question about certificates verification in SSL contexts. I hope this is not too much offtopic. I know how asymmetric encryption works, but I never dig a lot into the process of certificates verification. I know how certificate checks are made with browsers, the server must have a certificate signed by a trusted CA. But then, I must admit that I don't know many more. For example, A lot of Linux package managers use package signing to be sure that packages downloaded are correctly built from the vendor. But this is another topic I guess. Now, for example, I would like to create my own server process and my own client. They are not open to the internet, so no need to buy trusted authority certificates. So by generating self-signed certificate and private key file. The server can run. The question is: how the client be sure that it is connecting to the right server? Do this client needs to have the same certificate on its local machine and use it? If yes, should I use ssl::context::load_verify_file and ssl::verify_peer and I'm done? If you have some resources to advice me on the certificate check mechanisms, please give me. Regards -- David