Hello, I'm using openSSL 1.0.0a to generate certificates for our Microsoft Windows environment - LDAP over SSL required on Domain Controllers.
You'll notice here: http://support.microsoft.com/kb/321051 that the following is required: "You must use the Schannel cryptographic service provider (CSP) to generate the key." Then I found: http://wiki.cacert.org/DomainController that lead to one more site: http://www.cs.bham.ac.uk/~smp/projects/peap/ No I'm sure that this part is critical for what I'm needing, but openSSL (0.9.8 versions) don't (by default) have the patch I require. My questions are: - Was this added in openSSL 1.0? - Based on: http://www.cs.bham.ac.uk/~smp/projects/peap/ , does this seem like it's easy to add to the configuration of openSSL (which I know know how to do, some programmers information would be truly appreciated. :))? - Would this break anything else with openSSL (or is it dangerous to apply this patch?)? Thanks! ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
