This question has been asked numerous times. Please check the archives.
Arun.
"If you torture data long enough, it will admit anything you want.."
This message is for the named person(s) use only. It may contain
confidential, pr
I know know lots and lots about client authentication and certificates.
Thanks everyone for your help!
Now: there's one big thing that I don't understand. If I am going to be
building an https client that will authenticate itself with a certificate of
some kind, does that client need to have acce
> It's not copyright (unless you do use rsaref - and then they
>do have some copyright code on you) but rather patent (on the RSA
>algorithm). The patent expires in another month and a half (September
>20 if memory serves me right).
from what I read, I need to use rsaref if I am in the
[EMAIL PROTECTED] wrote:
>
> Hi Randal,
>
> I am trying to get OpenSSL to import private key files.
You can load a private key with
PEM_read_PrivateKey() (defined in openssl/pem.h)
> -Original Message-
> From: EXT Randall Ward [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 09, 2
The certificate can be an ASN1 or PEM format file. To use a certificate,
you must also have a private key file (also in PEM or ASN1 format). The
certificate must be the public key for the private key file. Both of these
files can be created using the openssl utility.
Example:
Generate a 1024 b
On Wed, Aug 09, 2000 at 01:10:52PM -0500, Benji Spencer wrote:
> we are looking at moving from out Netscape Enterprise SSL web server and
> going to Apache+SSL (Apache-ssl, Ben's SSL) anyhow..we want to do this
> legally, and we know that RSA has some copyright issuesI thought this
> would
I use VC6.0, service pack2, and the nasm assembler for
the 0.9.5a release of OpenSSL.
The test suite for 0.9.5a completes without failures except
for a few "expired certificate" messages.
(I run everything except the IDEA and RC5 tests.)
Al Borr
> Has anyone successfully completed the self-test
On Wed, Aug 09, 2000 at 01:10:52PM -0500, Benji Spencer wrote:
> we are looking at moving from out Netscape Enterprise SSL web server and
> going to Apache+SSL (Apache-ssl, Ben's SSL) anyhow..we want to do this
> legally, and we know that RSA has some copyright issuesI thought this
> would
we are looking at moving from out Netscape Enterprise SSL web server and
going to Apache+SSL (Apache-ssl, Ben's SSL) anyhow..we want to do this
legally, and we know that RSA has some copyright issuesI thought this
would be a problem..but it might not be.
I looked at our current NES server
> I've been building a small https client & everything has gone quite well.
> Now I've been told that I need to include support for client authentication
> using a standard x.509 certificate & I am stumped.
How do you manage client trust to your server? how do you know
that you are really communi
Hi Randal,
I am trying to get OpenSSL to import private key files.
I am kinda blown away with this, too.
So any info we can get will be much appreciated.
-Original Message-
From: EXT Randall Ward [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 09, 2000 1:28 PM
To: '[EMAIL PROTECTED
I haven't run the test.bat (didn't even know about it till I read your
message and did a file search). When I tried to run it, it failed on the
rsa-test which isn't surprising considering I compiled without RSA support.
What I can tell you is that OpenSSL works for my purposes (using my self
gen
I've been building a small https client & everything has gone quite well.
Now I've been told that I need to include support for client authentication
using a standard x.509 certificate & I am stumped.
Is the certificate just going to be a file? Do I just have to set a path to
it, or is there some
Hello,
We are trying to implement sure-pay for
authorization, and it requires
Net::SSLeay perl packages and also openssl.
When installing openssl per Install.w32 document,
everything is fine, however
I am trying to find libraries
libeay32.a, libssl32.a (I think).
When trying to gene
Dear Sir
Pl send me SSL complet Installation and Configuration manual
Regards
M A Haider
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
"McMullan,Stephen" wrote:
>
> Hi,
>
> I've sourced a lot of info ( MS Site, NS Site, this lists archives, mod_ssl
> )
> on how to create certs for webservers
> that will invoke MS SGC and Netscape step up but I just can't
> get it to work.
>
Well if you'd read the bit in doc/openssl.txt you mi
> From: Bill Rebey [mailto:[EMAIL PROTECTED]]
> Has anyone successfully completed the self-tests (test.bat)
> on Windows NT (or any other Win flavor, for that matter)?
Yes for the dozen or so versions/snapshots I've built with VS6 under NT4
during the last 18 months.. no tricks, just slavishl
Has anyone successfully completed the self-tests (test.bat) on Windows NT
(or any other Win flavor, for that matter)?
I've tried to run the tests with a 3 differne OpenSSL build: static built
with MSVC, dynamic (DLL) built with MSVC, and static built with Borland C++.
All three fail in various
Hi,
I've sourced a lot of info ( MS Site, NS Site, this lists archives, mod_ssl
)
on how to create certs for webservers
that will invoke MS SGC and Netscape step up but I just can't
get it to work.
I've created a root CA cert with the following:
extensions = x509v3
[ x509v3 ]
basicConstraints =
Your sun rep is the only one that can give you the legal answer, but mine
told me 'no' when I asked. The 200k user license is only to be run under
solaris, and only 200k per sun machine (you can't put 400k entries on a
single machine just 'cause you own two suns).
But again, only your sun rep can
Solaris 8 'commercial' (ie the $80 version) comes bundled with a 200K
entries license of iPlanet's Directory 4.11
I'm curious to find out if it would be legal to run another version of
iPlanet's 4.11 (say NT).
Technically you would hold a Solaris 8 license, which would give you a
Directory 4.1
It means it does not know where the certificate file is stored on the
server, i.e. in which directory.
Dave
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 09, 2000 2:51 PM
Subject: Samba-2.0.7 with SSL(SSLeay-0.9.0) support!
> Hello all
Hi,
Is there any function in OpenSSL that allows me to test if a given certificate
is a CA cert or not?
Thank you.
Angus Lee
---
Get Your Free Email at http://www.hknetmail.com
___
Hello all!
What's the expected format for certificates index file? (On my computer it's
/etc/certificates/index.txt)
Does anyone have an idea about the following lines in this file?
What does "unknown" means?
V 030506123717Z 01 unknown
/C=AU/ST=Some-State/O=Internet Widgits
I've successfully build the out32dll files found in openssl-0.9.5a,
and generated usable certificates for Microsoft's web server, IIS.
However, using VisualC 6, Service Pack 4, I am unable to build the
cli.cpp and serv.cpp, nor, s_cerver.c and s_client.c examples. At the
very least some of the
Hello everyone,
first let me thank OpenSSL toolkit developers for their work!
Now, to my problem: I have a simple jsse (1.0.1) client that connects to
openssl (0.9.5a) server. The server uses TLSv1 server method, the client
code looks like
Security.addProvider(new com.sun.net.ssl.internal.ssl.P
On Tue, 08 Aug 2000, you wrote:
I dont know about 0.9.4 but under 0.9.5a you can do a make linux-shared to get
the shared library stuff. But you still have to put the *so* files somewhere in
your library path and do a ldconfig or whateverver is appropriate for your
system.
Gerd
> Hi,
> A
On Tue, Aug 08, 2000 at 04:03:25PM -0400, Patrick G. Moore wrote:
> Hi all,
>
> I am looking for some sample code on how to
> integrate LDAP lookups into openSSL for
> retrieving certs and crls when verifying.
> The mod-ssl and apache-ssl sites don't mention
> it, but I thought apache was LDAP aw
28 matches
Mail list logo
