I'm trying to create a system where clients can encrypt messages, but only the server can decrypt them. I'm configuring the context on the server-side like so: context_.set_options(boost::asio::ssl::context::default_workarounds | boost::asio::ssl::context::no_sslv2); context_.set_password_callback(boost::bind(&server::get_password, this)); context_.use_private_key_file("server.pem", boost::asio::ssl::context::pem); However, I can't find any way to load the public key on the clients. Can I create a connection that relies on public-key encryption? Or do the SSL classes expect me to use public-key encryption only to generate symmetrical keys, ie with Diffie-Hellman? -David