I've just installed OpenSSL 0.94.3 on a Linux box with hopes of eventually
setting up a secure POP3/IMAP server (perhaps using stunnel).
Unfortunately, I am not sure where to start with respect to running my own
test CA, and generating the required certificates for stunnel and then for
client mach
I've just installed OpenSSL 0.94.3 on a Linux box with hopes of eventually
setting up a secure POP3/IMAP server (perhaps using stunnel).
Unfortunately, I am not sure where to start with respect to running my own
test CA, and generating the required certificates for stunnel and then for
client mach
Thank you. One more stupid question. Does mod_ssl or some other materials
explains how to hack netscape's browser? I would like to know that very
much.
Thanks again.
__
Miss Yuhang Gao
CERNET Regional Network Center,
Dept. of Computer Sci. & En
When I ran openssl-0.9.5a's "make test", the tmp.bntest file that was
written contained (out of 1800+ tests) seven expressions which Solaris 7's
'bc' evaluated to give non-zero results.
Repeated runs of 'bc' on the same tmp.bntest file gives identical results.
I get the same anomalous results
> -Original Message-
> From: Brian Snyder [mailto:[EMAIL PROTECTED]]
> Sent: Friday, April 28, 2000 1:21 PM
>
> This is a snippet of code from the darkspell gadgets.
[A typical Stevens-style "readn" function.]
> (Replace read with SSL_read and you have a reader for an SSL enabled
> co
No since in re-inveting the wheel. Does anyone have code that they would
share?
> --
> From: David Lang[SMTP:[EMAIL PROTECTED]]
> Reply To: [EMAIL PROTECTED]
> Sent: Friday, April 28, 2000 11:39 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Proxy or Firewall
>
> -
> -Original Message-
> From: Brian Wotring [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 27, 2000 2:03 PM
> To: [EMAIL PROTECTED]
> Subject: X509 kept in memory
>
>
>
> I have a client app that I wish to load a cert from disk on
> startup, then
> keep it in memory and use that s
Hi,
I'm trying do make a small program to
cypher a file - just for test.
When I try to get "type" using
EVP_get_cipherbyname it alwas returns NULL.
There is some init to do before use this function??
thanks
ivan
__
A few comments included within...
> -Original Message-
> From: James Dabbs [mailto:[EMAIL PROTECTED]]
> Sent: April 28, 2000 5:37 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Proxy or Firewall
..deleted stuff
> HTTP over SSL, though, works transparently through almost any
This is a snippet of code from the darkspell gadgets.
(Replace read with SSL_read and you have a reader for an SSL enabled
connection).
My question is why does this print out some code that is less then 4096
bytes...ever?
It seems that this would not return and print the 'buf' until its read
'
-BEGIN PGP SIGNED MESSAGE-
I just went through the research nessasary to program this. what actually
happens is that the client connects to the http proxy, tells the http
proxy where it wants to connect to, then after it is connected negotiates
the SSL connection. At this point the proxy
We are seeing this error:
[Fri Apr 28 11:44:46 2000] [error] OpenSSL: error:0407106B:rsa
routines:RSA_padding_check_PKCS1_type_2:block type is not 02
[Fri Apr 28 11:44:46 2000] [error] OpenSSL: error:04065072:rsa
routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
[Fri Apr 28 11:44:46 2000] [
- The following text is an automated response to your message -
The email-address you have used to send Steve Wirth a message is no longer valid.
Please do not send any further messages to this address.
You can use Steve's other address instead:
[EMAIL PROTECTED]
Thank you.
- The following text is an automated response to your message -
The email-address you have used to send Steve Wirth a message is no longer valid.
Please do not send any further messages to this address.
You can use Steve's other address instead:
[EMAIL PROTECTED]
Thank you.
- The following text is an automated response to your message -
The email-address you have used to send Steve Wirth a message is no longer valid.
Please do not send any further messages to this address.
You can use Steve's other address instead:
[EMAIL PROTECTED]
Thank you.
- The following text is an automated response to your message -
The email-address you have used to send Steve Wirth a message is no longer valid.
Please do not send any further messages to this address.
You can use Steve's other address instead:
[EMAIL PROTECTED]
Thank you.
- The following text is an automated response to your message -
The email-address you have used to send Steve Wirth a message is no longer valid.
Please do not send any further messages to this address.
You can use Steve's other address instead:
[EMAIL PROTECTED]
Thank you.
Michael -
It's true that a cert won't function unless the cert
holder also has the corresponding private key,
but the ongoing discussion about these
certs was assuming that the owner of the
private/public
key pair would distribute everything (cert, BOTH keys,
etc) to other parties.
Several respo
>I have seen many discussions on super-certs, but does anyone know about he
>key features that makes a cert super? Or how does these certs come into
>being? Can we use openssl to produce these kind of certs?
This is the second time I have explained it in the past two weeks.
It has been explained
At 03:10 PM 4/27/00, you wrote:
>So how to set this certificate, and do I write in httpsd.conf correctly, or maybe it
>is possible to turn off
>cache and no problem.
The best FAQ right now is on www.apache-ssl.org. You settings for cache should work
with the default httpsd.conf, .. so you might
My builds ran ahead of my tests, and I was not so successful in Linux as
I had thought:
On Thu, 27 Apr 2000, John M. Mills wrote:
> In Linux, I built './install/unix/rsaref.a' and copied it to
> '/usr/local/ssl/lib/librsaref.a'. I was then able to configure ('linux-elf
> rsaref no-rc4 no-idea');
Generally speaking, use of "raw" SSL through a proxy requires special setup
changes in the proxy itself. Depending on the environment, this may also
require a security waiver from the MIS department in charge of the proxy and
a security screen on the endpoints in question.
HTTP over SSL, though,
On Thu, 27 Apr 2000, Boyet, Adam C wrote:
> Is it possible to use Net::SSLeay and OpenSSL to make a SSL request through
> a proxy or firewall.
SSL thru TCP-level firewalls is no problem.
Cheers,
Rudi
__
OpenSSL Project
Hi,
I've just starten playing about with openssl and have a
question regarding the CA.
I would like to output a certificate to a file that I
already have in my CA database. Unfortunately I only see how I can do this when
I give the request with all the info, then I get the answer that the
List,
from the archives I know that this issue has been discussed before
but I still do have a problem.
We've generated keys and certificates w/ openssl and want to import
those into Netscape's Enterprise Server 3.6 running under NT. Direct
import isn't possible but apparently there used to be t
I have seen many discussions on super-certs, but does anyone know about he
key features that makes a cert super? Or how does these certs come into
being? Can we use openssl to produce these kind of certs?
Hazel
__
Miss Yuhang Gao
CERNET Regional
Boyet, Adam C wrote:
>
> Is it possible to use Net::SSLeay and OpenSSL to make a SSL request through
> a proxy or firewall.
>
Yes, it's possible. You must add some short code before SSL_Accept to
make connection through proxy.
If you use HTTP proxy, you may try something like this pseudocode:
27 matches
Mail list logo
