Thanks for a lot of material to read.
I'd like to repeat my question about importing CA certificate off-line. I
though openssl pkcs12 -export -in usercert.pem -inkey userkey.pem -certfile
cacert.pem -out user.p12 would work fine, but it didn't. When I tried to
add -chain, it told me that the cha
I sent an email a few days ago with no response. What is happening is that I
am only getting back HTTP headers and not the actual content. I've attached
the source code. Perhaps someone can help - it'd be greatly appreciated.
--
--
Evan Klinger[EMAIL PROT
how to free up stuff allocated by SSLeay_add_ssl_algorithms() - openSSLI
would like to know also. I have seen a SSL_library_cleanup() in the BSafe
API, but nothing comparable in OpenSSL.
Arun.
>-Original Message-
>From: Arora Meenakshi <[EMAIL PROTECTED]>
>To: Openssl-Users (E-mail) <[EM
Title: memory leaks when using SSL functions like SSL_CTX_new()
hello
i am getting memory leaks in my code though i am calling the memory free functions.
any ideas??
my sequence is :
SSLeay_add_ssl_algorithms();
RAND_screen();
WSAStartup(versionRequested,&wsaData))
m_pMethod = SSLv2_clie
Title: how to free up stuff allocated by SSLeay_add_ssl_algorithms() - openSSL
hello
SSLeay_add_ssl_algorithms(.) function sets up the global SSL stuff
which function should i use to free up the stuff allocated by SSLeay_add_ssl_algorithms() ??
thanx
Meenakshi Arora
I figured this out. It matters what order you put the libssl.a and
libcrypto.a in the makefile. I swapped them and now everything builds.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Lou Sheward
Sent: Friday, June 16, 2000 2:13 PM
To: [EMAIL PROTECT
Hi,
I am fairly new to UNIX and I am trying to build and use the SSL library
on solaris. All the openSSL files build and test fine, but when I include
the libssl.a and libcrypto.a files in my server build I get unresolved
external errors. The funny thing is the errors aren't for the functions
I
openssl asn1parse -in req.pem
Make sure that the file starts with the CSR and not the key.
> -Original Message-
> From: mark schoneman [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 16, 2000 3:38 PM
> To: [EMAIL PROTECTED]
> Subject: RE: embarrassing question
>
>
>
> I think this wil
Told ya' I might be wrong about the SSL part! ;-)
-Original Message-
From: Jeffrey Altman [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 16, 2000 2:32 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject:RE: FTP & SSL
This is completely inaccurate. FTP data channels
I think this will work
openssl ca -verbose -policy policy_anything -out newcert.pem -infiles
csr.pem
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Gregory Nicholls
Sent: Friday, June 16, 2000 2:23 PM
To: [EMAIL PROTECTED]
Subject: embarrassing questi
I'm trying to work my way through the whole certificate business and
I've a small question.
How can I view/print/see the contents of a certificate request before I
sign it???
I tried the X509 -text option but it failed unless the certificate was
already signed. (said it expected a trusted cert).
> -Original Message-
> From: Michael Sierchio <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Friday, June 16, 2000 10:14 AM
> Subject: Re: FTP & SSL
>
>
> >Arun Venkataraman wrote:
> >>
> >> This is an old gripe :( Ppl don't seem to have attempted seriously to us
This is completely inaccurate. FTP data channels when using AUTH SSL
or AUTH TLS regardless of whether or not passive mode is in use are
secured in exactly the same way. Regardless of which end created the
connection the FTP Server is the SSL/TLS Server and the FTP Client is
the SSL/TLS client.
The trouble is that when an FTP Client connects to an FTP Server, the Client
gets a "Control Channel". That's all fine and easy - he is still a client
and can do "normal" client stuff like accept the Server's certificate, etc.
However, when a Client does something like, say, request a file from t
I have read some threads here about all the OpenSSL calls being thread-safe,
with the notable exception of SSL_read and SSL_write against the same
thread. Unfortunately, that's exactly what my program is doing - reading
from an SSL on one thread and writing to that same SSL on another.
What are
-Original Message-
From: Michael Sierchio <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Friday, June 16, 2000 10:14 AM
Subject: Re: FTP & SSL
>Arun Venkataraman wrote:
>>
>> This is an old gripe :( Ppl don't seem to have attempted seriously to use
>> SSL over someth
Arun Venkataraman wrote:
>
> This is an old gripe :( Ppl don't seem to have attempted seriously to use
> SSL over something else other than http.
Huh-wah? You have it backwards (HTTP over SSL). And there are
plenty of examples of LDAP, POP, SMTP and other protocols over
SSL. FTP is inherently
This is an old gripe :( Ppl don't seem to have attempted seriously to use
SSL over something else other than http. Try
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps for a SSL-ftp client and server on
Unix. These may be outdated though. I haven't come across an implementation
on Windoze.
Arun.
-O
In the January issue of Computer Security Journal, Carl Ellison and
Bruce
Schneier have article "Ten Risks of PKI: What You're not Being Told
about
Public Key Infrastructure"
It can be found at http://www.counterpane.com/pki-risks.html
It really addresses policy and process issues more than te
Yuji Shinozaki wrote:
> You can still verify a document signed by an expired key: they are
> simply cryptographically-related numbers. The math will never change.
> It is just that you have to verify that the document was signed within
> the certificate's validity dates ( and within the validity
20 matches
Mail list logo
