- Original Message -
±H¥óªÌ: Palmer, Pete <[EMAIL PROTECTED]>
> This helps. Thanks. Since the browser created the public/private key
pair,
> it would have put the public key in the Certificate Request, correct?
>
> How do I associate the private key for this request with the cert (and
wh
How about using eiterh mod_ssl or Apache-SSL togetehr with
ProxyPass directive?
It seems like a bit overkill but should work.
Furthermore I suggest buying some hardware crypto accelerator
that gives you *much* performance gain.
[EMAIL PROTECTED] schrieb:
>
> Ok, the gist of the following is I
Thomas Reinke schrieb:
>
> Point 3 is your problem, s_client handles stdin in a special
> way :(
>
> s_client assumes that if either stdin or the ssl socket
> hits end of file, that it should shut down operation.
> Unfortunately, when redirecting stdin from a file,
> what happens is that you rea
You should use xenroll as well to install the cert. The cert will then
be linked to the key automatically.
Palmer, Pete schrieb:
>
> This helps. Thanks. Since the browser created the public/private key pair,
> it would have put the public key in the Certificate Request, correct?
>
> How do I
Bunny,
> stunnel (Failed to talk sslv3 properly, generating errors on certain
> packets.
So why didn't you report your problem to stunnel-users, first?
I'm sure I could help you.
Regards,
Mike
---
Michal Trojnara * +48 501 00 12 43
IT Security Officer * PTK Centertel
_
Martin Ouwehand has some very useful scripts at:
Martin Ouwehand has some wonderful example scripts at:
http://cognac.epfl.ch/SIC/SL/CA/
You will need to change references to SSLeay to OpenSSL.
It works for Netscape, but I'm having trouble with loading MSIE 5 certs.
Pete
-Original Messa
Hi,
I found there are two ways to encrypt/decrypt RECORD
data after a SSL connection is set up in OpenSSL.
1.In the ssl3_enc() function, it calls EVP_Cipher() to
encrypt/decrypt the record data;
2.In the do_ssl3_write() function, it calls do_compress()
to compress the record data, then do_compr
Hi All's,
I'm using OpenSSL 0.9.3a 29 May 1999 under Apache/1.3.6 (Unix).
Can I know where I can see the example Perl script which to
load user client certificate into Netscape Browser ?
Thank in advance.
\||/
\ ^ ^ / Hi..
Hi everyone.
Just wondering in general where I could find openssl trouble shooting
docs., My problem is that I am running Linux slackware, with Linux-whatever
(well so it tells me) on an i586 pc, and when I go to install openssl, it get's as
far as creating the crypto library, back peddl
> Leland -- I scanned your site and Watchguard's. Both look very interesting
> and relevant to my needs.
>
> We are in the early design phases of a super secure, rather high volume
> (perhaps 1M hits/8 hr day) environment.
>
> The transactions are quite simple. An incoming HTTPS query of about
22-Jul-99 13:04 you wrote:
> I've been searching for some source of information about this...
> I would like to be able to use OpenSSL + mod_ssl + Apache in order to
> produce a secure web server; for a variety of reasons it would be very
> nice if I could have one httpd serving both http and htt
Ok, the gist of the following is I need a good, solid, hopefully
non-forking (single-process or threaded) SSL capable proxy. By this I mean
I need a daemon that listens to 443, takes connections from browsers, does
the necessary authentication and decryption, then forwards the connection
to 80 on
I used a cert with *.commercestore.com. This worked for me. You then need
to make a virtualhost for both ports 443 and 80 for each domain. The setup
varies between ben_ssl and mod_ssl, and there may be a few other
variations. Check the docs that came with your "ssl" add-on.
Nick
At 11:26 AM
Leland -- I scanned your site and Watchguard's. Both look very interesting
and relevant to my needs.
We are in the early design phases of a super secure, rather high volume
(perhaps 1M hits/8 hr day) environment.
The transactions are quite simple. An incoming HTTPS query of about 150
bytes.
Point 3 is your problem, s_client handles stdin in a special
way :(
s_client assumes that if either stdin or the ssl socket
hits end of file, that it should shut down operation.
Unfortunately, when redirecting stdin from a file,
what happens is that you read the command to send to
the remote web
I've been searching for some source of information about this...
I would like to be able to use OpenSSL + mod_ssl + Apache in order to
produce a secure web server; for a variety of reasons it would be very
nice if I could have one httpd serving both http and https clients.
While I am willing to
I am currently having this same problem. Were you able to find a
resolution?
> I'm using an NT build, following the Verisign CSR
> instructions, and am stuck at the "unable to find
> 'distinguished_name'" error below.
>
> I have generated CSRs for Verisign with OpenSSL from a Unix
> build befo
This helps. Thanks. Since the browser created the public/private key pair,
it would have put the public key in the Certificate Request, correct?
How do I associate the private key for this request with the cert (and where
is the private key stored)?
Here is the VB code I use (not original)
I set up some virtual hosts on a linux machine with apache.
I want to get the virtual hosts to use the same certificate as the
"main" server (there is www.company.com as well as blah.company.com
and blahblah.company.com on the same machine) The virtual host part
works fine for all 3, however if I
At 02:47 PM 7/21/99 -0700, Harry Whitehouse wrote:
>
>Is there an industrial-strength proxy available commerically which only
>permits 443 traffic? I know I could get something like MS Proxy Server
>software and run it on an NT, but the stream of security patches I get from
>MS regarding NT isn't
Are you using "expect" ?
[EMAIL PROTECTED] schrieb:
>
> I would like to use the openssl app from a shell script but have found
> things don't go as expected.
> To illustrate what I am trying to do, here is an analogous situation using
> ftp:
>
> file listCmds:
> ?
> quit
>
> file showFtpComma
I believe that the following command should do what you need. It's not
described in detail in the openssl docs (that I could see), but if you RTFM
the docs for related packages, it soon becomes apparent.
openssl req -new -x509 -nodes -out .pem -keyout .pem \
-days 999
Anybody else know of a bett
22 matches
Mail list logo
