You could remove the password from the key, but that's probably not what
you want.
Otherwise it's possible to use a callback. Something like this:
int
set_default_passwd_cb (
char *buf,
int num,
int verify)
{
...
}
...
SSL_CTX_set_default_passwd_cb (ssl_ctx, set_default_passwd_cb)
On Wed, May 12, 1999 at 10:51:06AM -0400, Carlo M. Arenas Belon wrote:
> sad to say... here we go to the holly war of Linux Distributions..
Come on, guys... Is this the right place to fighting to see who is the
longest one ? I dont mind if you do, but please, use a more fit list.
--
512/781AF
Hi all,
I'm writing a client, and trying to figure out how to pass the
private key password (PEM pass phrase), so as the prompt doesn't
come up during the handshake.
Is this possible? Is there any documentation on it?
Thanks,
John.
__
Steffen Dettmer a écrit :
> but I assume that
> RH includes at least a ssh, aint?
I don't think so as ssh is probably subject to u.s. export restrictions.
Fathi Ben Nasr.
__
OpenSSL Project
On Wed, 12 May 1999, Steffen Dettmer wrote:
> Does this mean that RH comes without ssh ?! OK, I compiled it myself
> always (the thing with the lastest stable version ;) ), but I assume that
> RH includes at least a ssh, aint?
American law has ridiculous export restrictions which could prohibit
I'v found the RSA patch but I'm gapping on the "patch".
PATCH:
Move this file to the top-level directory of a fresh OpenSSL 0.9.2b
source
tree and run the command ``patch -p0 http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
Patrik Carlsson wrote:
>
> Is there an easier (or more elegant) way than this to get the NID in
> order to e.g. identify a SGC certificate?
>
> ...
> X509_EXTENSION *ex = X509_get_ext (x, i);
>
> if (X509V3_EXT_print (bio, ex, 0))
> {
> j = BIO_read (sb, buf, BUF_LEN);
> buf[j] = 0;
>
Sylvain Robitaille WROTE
>
> . . . [ many files compile ] . . .
>
> cc -DMONOLITH -I../include -tune host -O4 -readonly_strings -c openssl.c
> rm -f openssl
> cc -o openssl -DMONOLITH -I../include -tune host -O4 -readonly_strings openssl.o
>verify.o asn1pars.o req.o dg
Thornton Prime wrote:
> Steffen Dettmer wrote:
> >
> > > just to say that for me, Suse 6.0 (or 5.3) is pretty nice, easy to install, no
> > > broken packages.
> >
> > YES. :)
> >
> > The onliest bug I've found is that a raid level 1 (Mirror) device won't be
> > re-sync automatically (patch aviabl
Is there an easier (or more elegant) way than this to get the NID in
order to e.g. identify a SGC certificate?
...
X509_EXTENSION *ex = X509_get_ext (x, i);
if (X509V3_EXT_print (bio, ex, 0))
{
j = BIO_read (sb, buf, BUF_LEN);
buf[j] = 0;
ex_nid = OBJ_ln2nid (buf);
isSGC = ex_nid
> apache_ssl w/openssl 9.2b
>
> Everything was going fine. All of a sudden when I attempt
> ssl connection with NS 4.05, NS4.08 I get the message
>
> "The certificate is not approved for the attempted operation"
>
> NS is using PKCS#11 v2.0 lib version 4.0
>
> No problems with NS 3.0x, MSIE 4
> To answer your question: no, there are no rules for the withdrawal of
> CA licences. Strictly spoken, there even are no rules for the licensing
> of CAs: the federal agency operating the root CA cannot reject a licence
> if hardware, software and the CA's security concept have been evaluated.
>
> The first thing I do to a RedHat box if it's going to be a webserver,
> for example, is rip out all the apache-related RPMs and rebuild apache
> in /opt/www (usually we have a fast SCSI disk mounted on /opt). Then we
> compile ssh, add a JDK, fix /etc, and lock down the ports.
Does this mean t
Hello,
I need to install SSLeay on NT server. I have download the version of
openSSL1_0.9.1c and trying to compile it for NT in VC++. I was hoping to get
some feedback from anyone who has done this process.
Thanks in advance.
Fariba
UCLA
> In tha patch I posted there is the -updatedb, -status and -revoke function
> (the -revoke was already included in last snapshot 10-May-99).
Very well... I compiled the / one of the 11th May Snap already, but I
hadn't time to take a look so far...
oki,
Steffen
___
Michael wrote:
>
> apache_ssl w/openssl 9.2b
>
> Everything was going fine. All of a sudden when I attempt
> ssl connection with NS 4.05, NS4.08 I get the message
>
> "The certificate is not approved for the attempted operation"
>
> NS is using PKCS#11 v2.0 lib version 4.0
>
> No problems wit
Steffen Dettmer wrote:
>
> > just to say that for me, Suse 6.0 (or 5.3) is pretty nice, easy to install, no
> > broken packages.
>
> YES. :)
>
> The onliest bug I've found is that a raid level 1 (Mirror) device won't be
> re-sync automatically (patch aviable ;) ). RH 5.3 does not have this bug.
Experimenting with key, csr, etc creation reveals that if I creat the
keys using openssl 92b, ns405/8 give me the error message
if I step back and use ssleay from openssl 91c, all works fine. This
appears to be consistent with all the trials I've run (about a dozen)
using this procedure:
ssle
On Tue, May 11, 1999 at 06:13:16PM -0800, Michael wrote:
> Can someone point me to a more comprehensive description of the
> openssl command line documentation. The stuff on the web site is not
> very illuminating.
I don´t think that there is such a description. But you can do
something like "
On Wed, May 12, 1999 at 04:46:37PM +0200, Massimiliano Pala wrote:
> >
> > Than you just have to set the wanted ca-section by
> >
> > openssl ca -name Server_CA ...
> >
> > So you can use one config-file for several ca´s and their different extensiosn.
> >
>
> But using the -name, you do load
On Wed, 12 May 1999 [EMAIL PROTECTED] wrote:
> Ben Laurie wrote:
>
> > Great! So what is it that is actually good about Linux, then? And RH in
> > particular? I find this all a bit peculiar coming from a background
> > where the answer to "which version?" is invariably "the latest stable
> >
Well, first some background information:
; uname -a
OSF1 aries V4.0 1091 alpha
This is 4.0e, with Patchkit 1 installed, on an AlphaServer 1200 5/533.
I'm trying to compile OpenSSL, with the Digital C compiler (alpha-cc),
but I'm running into troubles. Running config resulted in the
fol
Bodo,
> Does DIN EN 45011 apply to SigG certification for devices and
> products? If so, what are the SigG Certification Bodies' ( http://www.bsi.de/aufgaben/projekte/pbdigsig/main/pub.htm>) "documented
> procedures for withdrawal of licences, certificates and marks of
> conformity" when it come
I'm not the moderator, and I'm not sure how many others I'd
be speaking for if I asked you to kindly take this discussion
elsewhere... perhaps somewhere more appropriate (imagine that..)
Kindly consider doing so. Thank you,
"Carlo M. Arenas Belon" wrote:
/*
* > Erwann ABALEA wrote:
apache_ssl w/openssl 9.2b
Everything was going fine. All of a sudden when I attempt
ssl connection with NS 4.05, NS4.08 I get the message
"The certificate is not approved for the attempted operation"
NS is using PKCS#11 v2.0 lib version 4.0
No problems with NS 3.0x, MSIE 4.01, they work fine.
>> That's us. :-) We're exploring the possibility of setting up a private CA
>> to support a small number of our PC's in an IPSEC configuration.
>>
>
> OK. Well if thats you, does that mean that you have the private key for
> the certificate it mentions?
Yes.
> If so it should be possible to d
Ben Laurie wrote:
> Great! So what is it that is actually good about Linux, then? And RH in
> particular? I find this all a bit peculiar coming from a background
> where the answer to "which version?" is invariably "the latest stable
> one, of course".
Lots of people is trying to get out of MS
27 matches
Mail list logo
