Net::SSLeay on NT4

2000-10-19 Thread co
Im going to install Net::SSLeay 1,03 on NT4. I am trying to figure out which steps i should take when installing 1,03 on NT4...? I think i have to alter the Makefile.pl script in some ways but im not sure about pathdirection to my ssleay.exe. I would greatly appreciate any advices that anyone co

Key exchange, etc.

2000-10-19 Thread Michael T. Babcock
Are there any good online references for effectively using OpenSSL to negotiate a key exchange, then set up a random session key? -- Michael T. Babcock, C.T.O. FibreSpeed http://www.fibrespeed.net/~mbabcock __ OpenSSL Project

How do I check my Linux have install openSSL or not?

2000-10-19 Thread c . f . chow
Dear Openssl, How do I check my apache web server install OpenSSL or not?? Fai, CHOW GPE International Co., Ltd. (Tel) 852-2410 7751 (Fax) 853-2410 7872 (E@) [EMAIL PROTECTED] __ OpenSSL Project

Re: Certificate Generation

2000-10-19 Thread Pijcke Christophe
You must create first a Self-Signed CA Certificate. With this certificate, you can sign your certificate. Try this for a better explication: http://www.ultranet.com/~fhirsch/Papers/wwwj/article.html A+ Christophe. >From: Keith Pachulski <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To:

Re: Certificate Generation

2000-10-19 Thread Paulo Matos
> How can I generate a ceritficate which is signed by someone other > than Snake Oil CA. Do you want a self signed certificate? -- Paulo Matos --- -- |Sys & Net Admin| Serviço de Informática

Re: verify_callback question - probably an easy one.

2000-10-19 Thread Lutz Jaenicke
On Thu, Oct 19, 2000 at 04:35:04PM -0400, Louis LeBlanc wrote: > Ok, I think I get it now. The depth strictly relates to how many > 'signings' you are removed from a root cert. I don't want to accept > anything signed by someone who is also signed by a root cert, so I set > my depth at 1. If I

Re: verify_callback question - probably an easy one.

2000-10-19 Thread Louis LeBlanc
Ok, I think I get it now. The depth strictly relates to how many 'signings' you are removed from a root cert. I don't want to accept anything signed by someone who is also signed by a root cert, so I set my depth at 1. If I get to a root cert within that length of a cert chain, then I can check

Re: verify_callback question - probably an easy one.

2000-10-19 Thread Lutz Jaenicke
On Thu, Oct 19, 2000 at 03:58:26PM -0400, Louis LeBlanc wrote: > I think the problem is here, in the check of verify_depth and depth: You misunderstand the verify_depth > This is the format that has been suggested to me, and what is used in > s_client. I am setting verify_depth to 1, and it get

verify_callback question - probably an easy one.

2000-10-19 Thread Louis LeBlanc
I am a bit confused. My verify_callback() routine does not seem to do what it is supposed to. Here is what I want: If a server presents a cert that is not signed by one of my 'trusted' CAs, I don't want to connect. Period. As it is now, it seems to log a message, then the SSL_connect() happil

Certificate Generation

2000-10-19 Thread Keith Pachulski
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 How can I generate a ceritficate which is signed by someone other than Snake Oil CA. -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOe9N8OGTq6qVSXTQEQKLrwCguA4UAR8fIXNT/HhQiy/0ilVd8f8AnRD

Re: Hiya and a quick question.

2000-10-19 Thread Dr S N Henson
Jim Grimmett wrote: > > > I'm hoping to generate the two keys and encrypt a piece of information > with the private key into a file and send it to a client. The client will > have > the public key and will be able to verify that the information came from > me, because it'll decrypt successfully

Hiya and a quick question.

2000-10-19 Thread Jim Grimmett
Hi all, first a quick note as to who I am. I've ben writing C and C++ for UNIX systems for the past 8 years. I'm currently employed as the IT Manager at a new company called Blitz The Net Ltd based in Bath in the UK. Enough of that. I found OpenSSL last week when looking for another option

RE: Error building on Compaq alpha with osf4.0f

2000-10-19 Thread Poetsch, Michael
Your Systems seems to have not enough virtual memory. It tells you: Fatal: Insufficient virtual memory to continue compilation. Solution: Virtual memory = swap + RAM If you have a disk or partition that does not host any data, you could easily add this disk/partition to the swap space, thus i

Re: PKCS#7 signed text...how to get it

2000-10-19 Thread Dr S N Henson
"Hellan,Kim KHE" wrote: > > I have succeeded in loading a MIME file by using the following commands: > > BIO* bioIndata; > PKCS7* p7 = SMIME_read_PKCS7(spBio, &bioIndata); > > I am able to extract signers certificate, but how do I extract the signed > text? > I have tried looking in the

RE: howto build without ssl2

2000-10-19 Thread Thomas Leyer
I want to use this in kernel mode, so I think the exclusion of ssl2 should take place while I build the libs... _unfortunately_ it's no compile time option, so I'm scared of having to extract it manually :-( bye Thomas On Thu, 19 Oct 2000, Barnes, Michael L. wrote: > That is not a c

I would need now

2000-10-19 Thread Albert Serra
I am testing my modified cli.cpp and ser.cpp but I want to establish the connection from one workstation to another, I mean, not the same:     server  /* Prepare TCP socket for receiving connections */   listen_sd = socket (AF_INET, SOCK_STREAM, 0);   CHK_ERR(listen_sd, "socket");     memset (&sa

Invalid command SSLCACertificateFile

2000-10-19 Thread Carl G. Major
Hi, I get this error when I try to start httpsd: Invalid command "SSLCACertificateFile" ... I know the path is correct. Does this mean the ssl module is not loaded at startup? When I do a httpsd -l, I get ... apache_ssl.c ... TIA, Carl Programming Specialist Griffintown Media Inc. 1336 N

RE: howto build without ssl2

2000-10-19 Thread Barnes, Michael L.
That is not a compile time option, but you can easily specify either in your application or an existing one (like modssl) to not use ssl2. Mike > -Original Message- > From: Thomas Leyer [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 19, 2000 11:48 AM > To: [EMAIL PROTECTED] > Subje

howto build without ssl2

2000-10-19 Thread Thomas Leyer
Hi there, has anybody got experience with building the openssl-libs without ssl2-support? thnx in advance Thomas __ OpenSSL Project http://www.openssl.org User Support Mailing List

Problem

2000-10-19 Thread Shlomit Lisser
Hi! I am trying to use curl in order to get to an https site. It was brought into my intention that some other of the OpenSsl users had similar problems. the command and the output are as follows: curl -s -o E:\TEMP\tmp50825.crl -i -3 https://vault.sbmonline.com:443/sbmtest1/clicgi/cgi-bin/ac

Re: Problem with configuring #rounds for RC5 in 0.9.6

2000-10-19 Thread Dr S N Henson
Iain Betson wrote: > > Hi, > > I think I've found a problem which prevents the number of rounds of the RC5 > cipher being configured when using the EVP cipher wrapper functions with > OpenSSL 0.9.6. The default number of rounds for the EVP_rc5_32_12_16_cbc > cipher is 12. To change this to 16, o

Problem with configuring #rounds for RC5 in 0.9.6

2000-10-19 Thread Iain Betson
Hi, I think I've found a problem which prevents the number of rounds of the RC5 cipher being configured when using the EVP cipher wrapper functions with OpenSSL 0.9.6. The default number of rounds for the EVP_rc5_32_12_16_cbc cipher is 12. To change this to 16, one might try to use EVP_CIPHER_CTX

Re: running on linux

2000-10-19 Thread Martynas Sklizmantas
hya, i think wrong list for this question, anyway: try ssh -v somt.com, then copy informatino on the screen and paste to your message. your question sounded like - hey i bought a new tv set and it is not working, any ideas? regards, m.s. - Original Message - From: EdJohnstone <[EMAIL

Re: Install on NT4

2000-10-19 Thread Jim Hud
Anywhere in your path so that they can be found, for example c:\winnt\system32 (assuming standard NT setup). - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 19, 2000 9:15 AM Subject: Q: Install on NT4 > Hello... > > Im new to this and hav

Q: Install on NT4

2000-10-19 Thread co
Hello... Im new to this and hav just compiled my first package on NT4. For the INSTALL instruktions... Where should I put ssleay.exe and ssleay32.dll on the NT server? Is it under C:\perl\ssl\bin or C:\perl\bin\ssl\bin or where do you place it? Best Regards, Christian Otrel [EMAIL PROTECTED]

RE: errors in SSL_connect() & session caching overload

2000-10-19 Thread p . wagemans
Louis LeBlanc wrote: > Just in case anyone is interested, I have come across a problem with > the SSL session caching. Under heavy load, my app would dump core, > sometimes the core exceeded 300MB (though a good part of this was > memory allocated for application functionality). The problem > d

OS X and OS X server

2000-10-19 Thread Aristedes Maniatis
I appears that OpenSSL 0.9.6 has broken the ability to compile under OS X Server. It definitely worked great under 0.9.5a and OS X Server. I have only just now tried to compile under OS X. I am not on the list, but perhaps someone here knows the code well enough to look at it. Please email me if