Re: keys generated by xenroll.dll...

2000-12-08 Thread SCH
I have used the "certmgr - s my" and found 3 certs of mine, but when I tried to connect to an SSL URL which asks for client-cert, the pop-up dialog showed no certs for me to choose! Where are those "my certs"? BTW, all "my certs" are imported from .p12 file. They are all of 512bit RSA keys, and signed

Re: FreeBSD-4.2 errors

2000-12-08 Thread Geoff Thorpe
Hi there, On Fri, 8 Dec 2000, Forrest Aldrich wrote: > I wasn't able to get our port to compile correctly (emailed the > maintainer), however I was able to compile manually. When I run apache, I > get: > > [Fri Dec 8 19:42:44 2000] [warn] pid file /var/run/httpd.pid overwritten > -- Uncle

RE: secure channel w/o authentication or certs

2000-12-08 Thread David Schwartz
What is your definition of a "secure channel"? If you require that there not be anyone else listening/decoding, you cannot establish a secure channel without some form of authentication or certificate. DS

Re: secure channel w/o authentication or certs

2000-12-08 Thread Dr S N Henson
Rachit Siamwalla wrote: > > Hi, i'm trying to set up an encrypted channel between client / server > but without authentication or certificates. From searching through the > mailing list archives, i've seen other people have done it successfully > before. > > I tried working from the relatively s

secure channel w/o authentication or certs

2000-12-08 Thread Rachit Siamwalla
Hi, i'm trying to set up an encrypted channel between client / server but without authentication or certificates. From searching through the mailing list archives, i've seen other people have done it successfully before. I tried working from the relatively simple demo/ssl/serv.cpp and demo/ssl/c

Re: CANT BE DONE!

2000-12-08 Thread Geoff Thorpe
On Fri, 8 Dec 2000, Jackie Chan wrote: > From what I can see it is impossible to create a client and server > interaction that allows the following behavior using Net::SSLeay > > client sends data to the server > > server handles data > > server waits for more data from the same client over t

FreeBSD-4.2 errors

2000-12-08 Thread Forrest Aldrich
Addendum, this problem also occurs with openssl-0.9.6 _F [ my previous message ] I wasn't able to get our port to compile correctly (emailed the maintainer), however I was able to compile manually. When I run apache, I get: [Fri Dec 8 19:42:44 2000] [warn] pid file /var/run/httpd.pid ov

FreeBSD-4.2 errors

2000-12-08 Thread Forrest Aldrich
I wasn't able to get our port to compile correctly (emailed the maintainer), however I was able to compile manually. When I run apache, I get: [Fri Dec 8 19:42:44 2000] [warn] pid file /var/run/httpd.pid overwritten -- Unclean shutdown of previous Apache run? /usr/libexec/ld-elf.so.1: /usr/

CANT BE DONE!

2000-12-08 Thread Jackie Chan
From what I can see it is impossible to create a client and server interaction that allows the following behavior using Net::SSLeay client sends data to the server server handles data server waits for more data from the same client over the same connection Pay close attention to that last lin

Re: Client -server certificate validation

2000-12-08 Thread Lutz Jaenicke
On Fri, Dec 08, 2000 at 11:14:07AM -0500, Sudeep Sudhakaran wrote: > Hi, > > I have seen a lot of posting on client certificate validation. But no clean > answer to client authentication. I see a reply and finally the poster > replies saying it doesn't work. It seems a lot of people have proble

Getting a Cert

2000-12-08 Thread Brock Noland
I have no experience with SSL. I am using RH Linux 6.2 kern 2.2.14-5.0. How do I get/generate a cert? Do I have to buy a commercial cert? Brock

RE: Creating a certificate request

2000-12-08 Thread Kalligonis, Tim
Well... I've gotten a little bit further. I apologize for these elementary questions, I just have never used this before. I used the default openssl.cnf file rather than one I created. I got the CA to approve the request (a test certificate). I copied the information into a *.crt file. However,

Re: ADH + certs on same SSLCTX ??

2000-12-08 Thread gshaw
Hi, If you are allowing anon-DH, then you are permitting certificate-less SSL, which is a potential security hole, unless your implementation is not worried about that. Our implementation needed to enable this, and our solution was to make this configurable to the end user, then it is their re

Re: Creating a certificate request

2000-12-08 Thread Dr S N Henson
"Kalligonis, Tim" wrote: > > I actually just found some information about the -config option. Using the > -config option I was able to create the csr file but it was not accepted by > the certificate authority Thawte. This is the error I am receiving: > The actual error given was: > > We acc

Re: Getting a Cert

2000-12-08 Thread Matt Pinkston
openssl command line utility will do it. This page should get you started. Go to the examples section. http://www.openssl.org/docs/apps/req.html# Brock Noland wrote: I have no experience with SSL. I am using RH Linux 6.2 kern 2.2.14-5.0. How do I get/generate a cert? Do I have to buy a commercial c

RE: Getting a Cert

2000-12-08 Thread Kalligonis, Tim
You have to buy the cert from a Certificate Authority. Our company happens to use Thawte. http://www.thawte.com I found some good information on their site...examples etc. You can also get a test certificate to test with. -Original Message- From: Brock Noland [mailto:[EMAIL PROTECTED]] S

RE: Creating a certificate request

2000-12-08 Thread Kalligonis, Tim
I actually just found some information about the -config option. Using the -config option I was able to create the csr file but it was not accepted by the certificate authority Thawte. This is the error I am receiving: The actual error given was: We accept two broad forms of CSR. The preferabl

Re: Creating a certificate request

2000-12-08 Thread Dr S N Henson
"Kalligonis, Tim" wrote: > > I am using Apache 1.3 on Windows2000 Advanced server. > > Trying to do: Create a certificate request. > > Problem: When I try to create the *.csr file OpenSSL can not find the > OpenSSL.cnf file because it is looking in the /usr/local/SSL directory which > does not

Re: Two questions...

2000-12-08 Thread Dr S N Henson
Duncan Taylor wrote: > > My first question: > HOW do I parse out a recipient's .pfx cert or .p12 cert to pem > format? I have scoured the documentation High and Low and find > NOTHING but examples of "since I have MY .pem we'll use that for the > signer and reciep.." or how to parse one's p

Re: ADH + certs on same SSLCTX ??

2000-12-08 Thread Dr S N Henson
Gregory Nicholls wrote: > > Hiya, >Quick one for those in the know. Can I use both verified > certificates and anon-DH sessions with the same SSLCTX ???. I'm > guessing that I have to check the cipher whilst in the callback function > and give the green light if it's an anon-DH ciph

Re: keys generated by xenroll.dll...

2000-12-08 Thread Dr S N Henson
SCH wrote: > > > Another question is, I can't import the keys and certificates(they are packed into >one p12 file) > that were generated by outside program(based on openssl)into my IE as >"mypersonalcertificate", > what is the reason? Must I generate keys from IE if I want to use them for >cli

Re: error: bad get asn1 object call

2000-12-08 Thread Dr S N Henson
Frank Koenig wrote: > > hi > I have to develop a client program over SSL. Yesterday I have downloaded > the openSSL-engine-0.9.6. Build and install OpenSSL == okay. > > > ./config == okay > > make == okay > > make test == okay > > make install== okay > > - Have a look at my (concentrated)

Creating a certificate request

2000-12-08 Thread Kalligonis, Tim
I am using Apache 1.3 on Windows2000 Advanced server. Trying to do: Create a certificate request. Problem: When I try to create the *.csr file OpenSSL can not find the OpenSSL.cnf file because it is looking in the /usr/local/SSL directory which does not exist on an NT/2000 machine. I am getting

Re: Client -server certificate validation

2000-12-08 Thread Sudeep Sudhakaran
Hi, I have seen a lot of posting on client certificate validation. But no clean answer to client authentication. I see a reply and finally the poster replies saying it doesn't work. It seems a lot of people have problems with this and never got a perfect answer. I like to implement mutual ce

Re: keys generated by xenroll.dll...

2000-12-08 Thread Greg Stark
You can write your own program to delete them using the Microsoft CryptoAPI CertXYZ functions, or you can use a tool from Microsoft called "certmgr". certmgr is part of the CryptoAPI tools distribution. It comes on one of the SDK's, I think the Platform SDK. I also believe you can download it for

ADH + certs on same SSLCTX ??

2000-12-08 Thread Gregory Nicholls
Hiya, Quick one for those in the know. Can I use both verified certificates and anon-DH sessions with the same SSLCTX ???. I'm guessing that I have to check the cipher whilst in the callback function and give the green light if it's an anon-DH cipher. I'd appreciate someone either

error: bad get asn1 object call

2000-12-08 Thread Frank Koenig
hi I have to develop a client program over SSL. Yesterday I have downloaded the openSSL-engine-0.9.6. Build and install OpenSSL == okay. > ./config == okay > make == okay > make test == okay > make install== okay - Have a look at my (concentrated) source: cbio = BIO_new_connect("edina.xnc

rsa_test.c

2000-12-08 Thread mjvolders
Hi, I can't get the RSA encryption to work so I looked at some examples. In the rsa_test.c I tried to rewrite the source to use generated keys instead of the hardcoded ones. But when I do that it doesn't work anymore. I tried to find why when I stumbled upon a statement which I don't understand.