Please point me towards the documentation for the Certificate Signing
Request for OpenSSL.
Thanks
-
For every action there is an equal
and opposite government program.
http://3522508374/
-
___
Quick question: What is the directive to turn off the requirements for a
User Certificate. I get
a message each time connecting. I have the following set:
SSLVerifyClient 3
SSLVerifyDepth 10
Is there a separate directive for checking for User Certificates?
Thanks
You don't play poker do you. There is not way that RSA has any claim to
openSSL at all and outside of the US they have no claim to patent
protection either. Of course, if you were a salesman sitting behind an
RSA desk and you had someone dumb enough to ask - what do you think the
response will b
From: Bill Rebey <[EMAIL PROTECTED]>
Bill.Rebey> "We own EAY, thus we own SSLeay/OpenSSL"
This is of course pure and simple bullshit. SSLeay was distributed
under a "free" license, and there's no way it can be taken away
retroactively from the versions that came out (anything until version
0.9.
Yea, we figure this has a lot do do with it. Actually the $70K is down from
$100K after much whining.
The real concern isn't the price, though - it's "Do we have to pay him
anything at all?"
I thought we just owed RSA if we wanted to use RSA encryption, and that
OpenSSL was Free and Clear if we
Hi all,
Assuming I ever get OpenSSL figured out and working, I need to know about
the legality of using OpenSSL.
I am using it in a Commercial product.
What can and can't I use? I control both the client and server, so the
brand of encryption that I use is not important. What's far more impo
Hallo,
how can I encrypt a string with base64-encryption using openssl?
(I'll need it to authenticate to a webserver after connect,
username:password
have to be base64-encoded.)
Thanks in advance.
Silvio Matthes
__
OpenSSL P
In the README file there is a section marked PATENTS.
The only thing that really needs to be added, is that the patent on
the RSA algorithm expires on Sept 20, 2000, but then *everybody*
knows that. :)
Tell your boss that OpenSSL has some patented intellectual property
and you need some time with
I am using Openssl 0.9.5a and created a CA cert from the
/usr/local/ssl/misc/CA.sh script. Netscape reports this as Medium grade
RC2-CBC with 56-bit secret key.
Anyone know how to modify that script so it generates a high grade or an
RC5 certificate?
begin:vcard
n:Nichols;Tom
x-mozilla-html:FA
> When I type
> 'openssl genrsa -rand /dev/urandom -out www.domain.com.key 1024'
> the command just sit and do nothing. I ran this command on a freebsd box.
Likely it's trying to read *all* of /dev/urandom. The nature of
urandom is that it's infinite, so you'll sit there forever.
Try dropp
I just went to build 0.9.5a on FreeBSD, and it said it didn't know how to
enable threading, go read INSTALL. So I read INSTALL and it said I needed
to specify two options, but didn't say if these were config options,
Configure options, compiler options, config options to make compiler options,
or
I believe that he did read this stuff. From the initial posting in
this thread it appears that the RSA sales force is now claiming that
because Eric A. Young is now an employee of RSA and because the SSLeay
source code was used as the foundation for a commercial RSA product
that RSA is now claimi
On Wed, Jun 28, 2000 at 05:29:36PM -0400, Bill Rebey wrote:
>
> How can I find out, from a legally sound source, what the truth is?
>
Spend a couple of minutes reading the license:
http://www.openssl.org/source/cvs/exp/LICENSE?rev=1.6&hideattic=1&sortbydate=0
Since the original EAY license menti
Base64 is a basic encoding mechanism (it is **not** encryption) used by HTTP
clients for encoding username and password, for urls that requires user
authentication. It is quite simple and there are a lot of implementations
freely available (C/Perl/Java). Just do a search on www.google.com to sampl
This may be related to the fact RSA has a patent expiring this September.
Bill Rebey wrote:
> I just got off the phone with, among others, John Riley at RSA. He's
> claiming things like (paraphrased):
>
> "It's flat out illegal to use OpenSSL for Commercial purposes"
> "Even if you use OpenSS
I just got off the phone with, among others, John Riley at RSA. He's
claiming things like (paraphrased):
"It's flat out illegal to use OpenSSL for Commercial purposes"
"Even if you use OpenSSL, it still uses RSA technologies that you have to
pay royalties for (regardless whether it uses RSA enc
On Wed, Jun 28, 2000, [EMAIL PROTECTED] wrote:
> how can I encrypt a string with base64-encryption using openssl?
openssl base64
But base64 is an encoding mechanism (just like hexadecimal encoding
for example), not encryption.
___
When I type
'openssl genrsa -rand /dev/urandom -out www.domain.com.key 1024'
the command just sit and do nothing. I ran this command on a freebsd box.
__
OpenSSL Project http://www.openssl.org
Us
begin:vcard
n:Nichols;Tom
x-mozilla-html:FALSE
org:CitX Corporation;Engineering
adr:;;
version:2.1
email;internet:[EMAIL PROTECTED]
title:Unix Systems Administrator
x-mozilla-cpt:;0
fn:Tom Nichols
end:vcard
I'm curious: the SSL server code (s3_srvr.c, line 1677) sets an error of "no
certificate returned" when the client's certificate fails verification. Why
use this (rather misleading) error message? The equivalent client code
(s3_clnt.c, line 764) uses the more intuitive error of "certificate verify
I need SSL to run Webmin, a DNS administration program. As instructed at
the Webmin site, I downloaded openssl-0.9.5-1.i386.rpm and
Net_SSLeay.pm-1.05.tar.gz. The former, I simply ran, which should have
installed it. When I try
perl -MCPAN -e 'install Net::SSLeay'
to install Net_SSLeay, I
I was having problems with client authentication that I solved only moments ago.
Try calling SSL_new (m_pCtx) only after you load the certificates and keys, makes sense when you think of it.
Also, use SSL_CTX_set_verify(m_pCtx, SSL_VERIFY_PEER, verify); with only SSL_VERIFY_PEER not SSL_VERIFY
"Moyle, Ed (PCA)" wrote:
>
> Well, the problem is that I am compiling on WinNT using msvc (I know, I
> know... they make me.) Since it's NT, I can't do any symbolic linking...
> Plus, I work on a product that uses a directory structure and build options
> that I don't get to change very easily (
Date: Wed, 28 Jun 2000 11:36:37 -0400
From: "Moyle, Ed (PCA)" <[EMAIL PROTECTED]>
Well, the problem is that I am compiling on WinNT using msvc (I know, I
know... they make me.) Since it's NT, I can't do any symbolic linking...
Plus, I work on a product that uses a directory s
sorry for my english
Albert Serra wrote:
I'm modifying cli.cpp and serv.cpp to get client
authentication. So I do it in the same way like server authentication but
it doesn't work. Does somebody know how to get it? Ideas? Is there any
espacial and important function that I can have forgotten?
tha
I'm modifying cli.cpp and serv.cpp to get client authentication. So I do
it in the same way like server authentication but it doesn't work. Does
somebody know how to get it? Ideas? Is there any espacial and important
function that I can have forgiven?
thanks
--
Albert SERRA
==
> Well, the problem is ...
Sorry, but I think you're in the minority of development environments.
You're not allowed to change your build hierarchy, you can't change
your build flags, and you need to use external packages. Good luck,
but openssl/foo.h is generally the right thing to do and it sh
From: "Moyle, Ed (PCA)" <[EMAIL PROTECTED]>
EMoyle> Well, the problem is that I am compiling on WinNT using msvc
EMoyle> (I know, I know... they make me.) Since it's NT, I can't do
EMoyle> any symbolic linking...
True...
EMoyle> Plus, I work on a product that uses a directory structure and
EMo
Hello !
I installed openssl 0.9.4 on WinNT. The tests are OK.
But how can I test the ssl by connecting an ssl-server via URL (https)?
Do you know a little application for this test?
I've got Problems with SSLeay 0.16, so I wanna be sure if openssl works.
Maybe I don't need SSLeay, but on
Well, the problem is that I am compiling on WinNT using msvc (I know, I
know... they make me.) Since it's NT, I can't do any symbolic linking...
Plus, I work on a product that uses a directory structure and build options
that I don't get to change very easily (the build group can't handle too
man
From: Lutz Jaenicke <[EMAIL PROTECTED]>
Lutz.Jaenicke> To the OpenSSL-Administrators: please update the
Lutz.Jaenicke> stunnel entry (considering this to be the new official
Lutz.Jaenicke> home of stunnel!?).
*clicketiclick*
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman
> Here is "below" :-)
>
> Until now I did not know of "www.stunnel.org". My bookmarks still contained
> the old(?) address in Poland, as does the OpenSSL home page.
> The latest version listed there is 3.8 (without p1 etc) and there is no link
> to the new site
It does contain a link to 'a
On Wed, Jun 28, 2000 at 07:24:41AM -0700, Brian Hatch wrote:
> > > Before anyone says it's in the FAQ, I've checked this out long and hard
> > > and I'm pretty sure this is a bug.
>
> not terribly hard, its on the stunnel.org page and older
> stunnel web faq since march. Yeah, it's a bug.
See b
From: "Williams, Andre (Exchange)" <[EMAIL PROTECTED]>
anwilliams> $ openssl req -new -x509 -keyout
anwilliams> $HOME/apache-ssl/openssl/private/serverkey.pem -out
anwilliams>
anwilliams> $HOME/apache-ssl/openssl/certs/servercert.pem -days 365
anwilliams> Using configuration from /opt/home/webl
34 matches
Mail list logo
