>= Original Message From [EMAIL PROTECTED] =
> certificate contains only public key inside, private key usually is
keeping
>on server (owner of certificate). From certificate you can extract public key
>only.
If I extract the certificate and certificate's private key from Netscape's d
I have a piece of date need to be PKCS7 signed (pkcs-7 2), and
authenticateAttributes is always required.
authenticateAttributes
{
contentType { {pkcs-9 3} {pkcs-7
1}}
messsageDigest { {pkcs-9 4} -- an octet string }
Firstly, I am not clear what is the messa
Hi all,
Here's my situation... I'm trying to
produce certs and keys with the Java security packages
for use in my ssl enabled web server. The problem is
that when I try to start apache in SSL mode, it
doesn't like my server cert's private key. The Java
docs say that the private key I generated
Hello, I create dsa self-signed certs with the following
sequence:
openssl dsaparam -rand rand.txt -out keys\dsa2.par
1024 openssl req -config CAconf.conf -x509 -newkey dsa:keys\dsa2.par
-keyout keys\dsa2.prk -out certs\dsass2.pem -days 730 -extensions v3_ca -passin
pass:MyTailorIsRich -pas
Hello,
generating dsa params w/ the following command line:
openssl dsaparam -rand rand.txt -out keys\dsa2.par 1024
I Get the following message:
unable to write 'random state'
However the dsa parameter file has been created and is usable. Must be
something obvious?
_
[EMAIL PROTECTED] wrote:
>
> Hello,
>
> We've tried to generate a SSL certificate to use in Netscape. We plan to
> also test the chain root certificate implementation but get confused.
> Could somebody provide some basic guidelines on how to create a chain
> certificate so that CA X certify CA Y
is there a windows ssl version ?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PRO
Hello,
We've tried to generate a SSL certificate to use in Netscape. We plan to
also test the chain root certificate implementation but get confused.
Could somebody provide some basic guidelines on how to create a chain
certificate so that CA X certify CA Y and CA Y can then certify the
client's
I provided an explanation on this (see attached message). I dont know if
Konstantin succeeded in working qround that bug. I dont know what Windows
experts think of my explanations either.
- Original Message -
From: jose antonio garvayo <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Mo
This worked for me:
The usual reason for this is that you are on Windoze and haven't set the
multi threaded DLL runtime library option. See INSTALL.W32
-Original Message-
From: Dr Stephen Henson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 14, 2000 8:24 PM
To: [EMAIL PROTECTED]
Subject
I am trying to deal with SETREF implementation. Have you had any experience
with it?
I have some mysterious problems that I can not solve
Best regards,
Oleg
Erwann ABALEA wrote:
> On Fri, 28 Jan 2000, Ben Laurie wrote:
>
> > Radovan Semancik wrote:
> > >
> > > I'm interested in SET (Secure Ele
make sure that you are linking your applicatiuon against the same c runtime
as the openssl library - either /MDd (Multithread debug dll) for debug
builds
or
/MD (Multithreaded DLL) for "Release" builds
Andrew
__
OpenSSL Projec
I'm not sure what you mean by "... verify it against a CA stored somewhere."
Why would you ask for the client cert if you didn't want to verify the
signature?
Anyway, SSL_CTX_set_verify() is going to cause the server to send a
CertificateRequest message during the handshake, and
SSL_CTX_set_clien
If you go to http://oem.netscape.com/eng/ssl3 you will find the answers to
your questions.
> -Original Message-
> From: Kalpesh U. Patel [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 17, 2000 5:03 PM
> To: [EMAIL PROTECTED]
> Subject: Certificate encryption question
>
>
>
>
> hi,
>
On Mon, Mar 20, 2000, Bodo Moeller wrote:
> On Sun, Mar 19, 2000 at 07:51:38PM -0800, Claus Assmann wrote:
> > I'm trying to write a server (using OpenSSL) that doesn't use
> > patented algorithms, which means I have to restrict my server to
> > TLSv1 or SSLv3 (right?), so I would like to use TLS
On Sun, Mar 19, 2000 at 07:51:38PM -0800, Claus Assmann wrote:
> I'm trying to write a server (using OpenSSL) that doesn't use
> patented algorithms, which means I have to restrict my server to
> TLSv1 or SSLv3 (right?), so I would like to use TLSv1 only, but
> then a "default" client (SSL23_meth
On Sat, 2000-3-18 01:10:35 +, <[EMAIL PROTECTED]>
Dr Stephen Henson wrote:
> [EMAIL PROTECTED] wrote:
> >
> > Hi there,
> >
> > we run apache 1.3.x with mod_ssl and openssl and although explicitely
> > having switched of the FakeBasicAuth for the virtual secure server
> > (own IP) it
On Tue, Mar 14, 2000 at 01:33:11PM +0100, Jorge wrote:
> Hello everybody:
>
> I use a form to request certificates to Openssl. With Netscape, I have no
> problem, but with Explorer, I get an error message #80092021 whenever I
> write the @ in the Email input box.
> Isn't it possible to submit an
Angus,
certificate contains only public key inside, private key usually is keeping
on server (owner of certificate). From certificate you can extract public key
only.
- Original Message -
From: Angus Lee <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 20, 2000 11:49
Sub
Hello:
I compiled openssl-0.9.5 for Visual C++,following the
instructions of Andrew Gray, and everything looks work
fine; but I encounter a problem with the BIO functions
that I can resolve. Here is the code:
#include
#include
int main() {
pBioErr= BIO_new_fp(stderr,BIO_NOCLOSE);
fwrite("He
Hi,
Each certificate has a pair of public key and private key associated with it.
Can I extract the public key and private key from it to do encryption,
signing, and decryption?
Does openssl support any kind of encryption and decryption like PGPsdk?
Angus Lee
Hi,
I'm trying to generate certificate requests (CSRs) to send off to VeriSign.
Here is the config file (ReqConfig.cnf) that I'm using:
#
#
#
RANDFILE = .rnd
[ req ]
default_bits = 512
default_keyfile = t_newkey.pem
prompt= no
distinguished_name
Hello,
Please disregard this note and the previous one about DER certs and
MySQL databases. I figured them both out!
Sorry to bother the list unnecessarily.
Thank you,
Murrah Boswell
[EMAIL PROTECTED]
OTR Comm wrote:
>
> Hello,
>
> Is it possible to include the private_key passphrase in the
On Sun, Mar 19, 2000 at 07:51:38PM -0800, Claus Assmann wrote:
> I'm trying to write a server (using OpenSSL) that doesn't use
> patented algorithms, which means I have to restrict my server to
> TLSv1 or SSLv3 (right?), so I would like to use TLSv1 only, but
> then a "default" client (SSL23_metho
24 matches
Mail list logo
