Re: client auth security problem?

1999-12-16 Thread Jeffrey Altman
> > From my understanding, the client cert is transmitted in clear. > When server receives the client cert, server verifies the client > cert using a CA (or chained CAs), like verifying the date, signature, > etc. The question I have is that whoever could intercept the client > cert could fake

Re: client auth security problem?

1999-12-16 Thread Dr Stephen Henson
Yunhong Li wrote: > > From my understanding, the client cert is transmitted in clear. > When server receives the client cert, server verifies the client > cert using a CA (or chained CAs), like verifying the date, signature, > etc. The question I have is that whoever could intercept the client

client auth security problem?

1999-12-16 Thread Yunhong Li
From my understanding, the client cert is transmitted in clear. When server receives the client cert, server verifies the client cert using a CA (or chained CAs), like verifying the date, signature, etc. The question I have is that whoever could intercept the client cert could fake the client.

RE: OpenSSL CA as trusted CA in Netscape browser - help

1999-12-16 Thread Anonymous remailer
Michael Pogrebisky <[EMAIL PROTECTED]> wrote: > We've found a way to add any arbitrary CA certificate into certificate > database of Netscape Communicator (on Win32 only) in a way completely > transparent to users. I mean, no UI warnings or questions at all. > If anyone is interested, I can e-mail

Re: s_client and Client Auth

1999-12-16 Thread Dr Stephen Henson
md5 wrote: > > Hello, > > I'm trying to figure out how to get s_client to present a client side > certificate when requested by an IIS web server. > > so i believe the following syntax should work: > > OpenSSL>s_client -cert myCert.cer -key myPriv.key -connect > www.host.com:443 > > My probl

RE: OpenSSL CA as trusted CA in Netscape browser - help

1999-12-16 Thread md5
Are you using overwriting the netscape.cfg or the certificate database? On Thu, 16 Dec 1999, Michael Pogrebisky wrote: > On the same issue: > > We've found a way to add any arbitrary CA certificate into certificate > database of Netscape Communicator (on Win32 only) in a way completely > transp

s_client and Client Auth

1999-12-16 Thread md5
Hello, I'm trying to figure out how to get s_client to present a client side certificate when requested by an IIS web server. so i believe the following syntax should work: OpenSSL>s_client -cert myCert.cer -key myPriv.key -connect www.host.com:443 My problem is how to get the private key bel

Re: Diffie-Hellman support in OpenSSL

1999-12-16 Thread Lutz Jaenicke
On Thu, Dec 16, 1999 at 05:29:15PM -, Oliver King wrote: > So far, using some simple home-brewed test programs, I've successfully > managed to establish connections using EDH ciphers such as > EDH-RSA-DES-CBC-SHA by using the appropriate cert/key files and setting up > temp DH params using SSL

Diffie-Hellman support in OpenSSL

1999-12-16 Thread Oliver King
Hi, I'm experimenting with the various cipher suites that OpenSSL 0.9.4 supports, and am having some problems understanding DH, EDH and ADH and how to use them. I need someone to point me towards the light :-) So far, using some simple home-brewed test programs, I've successfully managed to esta

Signing data

1999-12-16 Thread Cosimo Vagarini
Excuse me if my questions appear too obvious for you. This is my problem: - I have my private key. - I have a string. - I have to sign this string with my private key using md5. - I have made a small C program to do this. I put here some lines of it: <...> EVP_MD_CTX ctx; EVP_PKEY *pkey; <.

Re: OpenSSL CA as trusted CA in Netscape browser - help

1999-12-16 Thread Andrew Cooke
Michael Pogrebisky wrote: > We've found a way to add any arbitrary CA certificate into certificate > database of Netscape Communicator (on Win32 only) in a way completely > transparent to users. I mean, no UI warnings or questions at all. > If anyone is interested, I can e-mail the code. Across

Re: Certificate Revocation

1999-12-16 Thread Andrew Cooke
Massimiliano Pala wrote: > Mario Fabiano wrote: > > openssl ca -revoke asks for the CA key protection password, but the CA > > key should be needed only to issue the CRL that must be signed. > NO. As the CA, from now on will consider the certificate REVOKED and in > every CRL issued will mark it

RE: OpenSSL CA as trusted CA in Netscape browser - help

1999-12-16 Thread Michael Pogrebisky
On the same issue: We've found a way to add any arbitrary CA certificate into certificate database of Netscape Communicator (on Win32 only) in a way completely transparent to users. I mean, no UI warnings or questions at all. If anyone is interested, I can e-mail the code. P.S. Please, note, thi

RE: keys and certificates stored in netscape communicator db

1999-12-16 Thread Ivan Visconti
On Wed, 15 Dec 1999, you wrote: > > Documentation (very minimal) and source code are at the > > following address > > http://spsl.security.unisa.it > > > > Did you port db 1.85 on Win 32bit systems? > > Regards Rene > > -- > --- > Rene G