Re: telnet 993 asks for PEM passphrase

2001-08-23 Thread Jeffrey Altman
The PEM password is most likely for a client certificate. > > --- chirs charter <[EMAIL PROTECTED]> wrote: > > Hello, > > I uncommented the imaps entry in /etc/cyrus.conf. Now > > if I telnet to localhost on port 993 I am prompted > > to > > enter a PEM pass phrase. Something seems > > misconfi

Re: reason for error

2001-08-23 Thread Greg Stark
Have you modified openssl? If so, perhaps you can say what mods you made. Greg Stark [EMAIL PROTECTED] - Original Message - From: "Nathan Bell" <[EMAIL PROTECTED]> To: "OpenSSL Users" <[EMAIL PROTECTED]> Sent: Thursday, August 23, 2001 1:15 PM

Re: Wasn't someone joking about the virus being posted by an autoresponder

2001-08-23 Thread Caliban Tiresias Darklock
On Thu, 23 Aug 2001 10:03:10 -0500 (EST), "Mark H. Wood" <[EMAIL PROTECTED]> wrote: >On Wed, 22 Aug 2001, Caliban Tiresias Darklock wrote: >> Just out of curiosity, why are attachments allowed on the list in the >> first place? Is there any legitimate reason for it? > >Well, why not? Is there an

Re: SSL_shutdown: do I need it?

2001-08-23 Thread Lutz Jaenicke
On Thu, Aug 23, 2001 at 01:17:17PM -0400, George Lind wrote: > I am running openssl on an NT machine. I am trying to transfer a file to an > IBM mainframe which is using IBM's implementation of SSL. When I issue an > SSL_shutdown the mainframe does not have the ability to send back the > shutdow

SSL_accept problem

2001-08-23 Thread Rachel Greenstadt
Hello there, I was wondering if anyone here could help me. I am trying to write an asynchronous security proxy application; it does an SSL_accept fine when I use it with the openssl client but when I try to run it through netscape it fails and exits. ERR_print_errors_fp(stderr) gives me: 1

SSL_shutdown: do I need it?

2001-08-23 Thread George Lind
I am running openssl on an NT machine. I am trying to transfer a file to an IBM mainframe which is using IBM's implementation of SSL. When I issue an SSL_shutdown the mainframe does not have the ability to send back the shutdown notification so the NT side hangs waiting for a response. Do I rea

reason for error

2001-08-23 Thread Nathan Bell
What causes "error:14086081:SSL routines:SSL3_ENC:block cipher pad is wrong" to occur every time a client connects to my server (after certificates have been exchanged)? I figure it's something I'm doing wrong or something I'm not doing at all, but I can't figure out what it is. This error is alwa

Re: non-blocking SSL_Accept.

2001-08-23 Thread Lutz Jaenicke
On Thu, Aug 23, 2001 at 05:45:55PM -0400, James A. Russo wrote: > Lutz -- Thanks for your suggestion, it has allowed to get a little bit > further, but am still not sure what is going on. > > Here is the information from the callback and my application. > > Slot 0x80e7800: assigned to new connec

Re: non-blocking SSL_Accept.

2001-08-23 Thread James A. Russo
Lutz -- Thanks for your suggestion, it has allowed to get a little bit further, but am still not sure what is going on. Here is the information from the callback and my application. Slot 0x80e7800: assigned to new connection from ip:port on fd 18 slot 0x80e7800: RCONN_SSL_ACCEPTING slot 0x80e78

Re: copy extensions from a pkcs10 request

2001-08-23 Thread Dr S N Henson
> Francois Guerry wrote: > > Hi, > > I work with openssl-engine-0.9.6b on Windows NT4SP6. > I am trying to build a x509v3 certificate from a PKCS10 request > with the openssl ca utility. It works fine, but the extensions > from the request are not copied into the certificate. > The "copy_extensi

Re: openssl-python for openssl-0.9.6b

2001-08-23 Thread Ng Pheng Siong
On Tue, Aug 21, 2001 at 10:43:01AM -0400, Nalin Dahyabhai wrote: > The KDE add-ons directory is missing the m2crypto package. If your local > mirror doesn't have it, a prepackaged copy can be found at > >ftp://ftp.redhat.com/pub/linux/redhat/rawhide/i386/RedHat/RPMS/m2crypto-0.05_snap4-1.i386.rp

RE: handshake error

2001-08-23 Thread Prashant Kumar
Raja, My 2 cents, since you have not provided any "verify_callback" function the best option for the flags in "SSL_CTX_set_verify" would be "SSL_VERIFY_NONE" Here is the explanation for SSL_VERIFY_NONE. B the server will not send a client certificate request to the client, so the client will no

problems with CERT start line

2001-08-23 Thread chirs charter
Hello, I have a secure imap server running but have no luck connecting to the port (993). OpenSSL seems to detect something wrong with my certs? Below are the errors that were produced using s_client. If someone could give me some feedback I would greatly appreciate it. Thanks catfish# openssl x50

Re: handshake error

2001-08-23 Thread Lutz Jaenicke
On Thu, Aug 23, 2001 at 12:11:48PM -0400, Raja Said wrote: > i building an application using ssl. > i have read the documentation of the open ssl multiple times > and i have the following situation: > when i run a server & client using ssl. but without > > SSL_CTX_s

Re: Follow up question to efficient usage of SSL_write().

2001-08-23 Thread Lutz Jaenicke
On Thu, Aug 23, 2001 at 07:55:13AM -0700, Steven Schaefer wrote: > I'm not at a location to access the account that receives the subscription > mail today so please CC this account on a reply, [EMAIL PROTECTED] > > I'm kind of delving over which way I should implement buffering. > I looked throug

handshake error

2001-08-23 Thread Raja Said
hello, i building an application using ssl. i have read the documentation of the open ssl multiple times and i have the following situation: when i run a server & client using ssl. but without SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_P

Re: Wasn't someone joking about the virus being posted by an autoresponder

2001-08-23 Thread Mark H. Wood
On Wed, 22 Aug 2001, Caliban Tiresias Darklock wrote: > Just out of curiosity, why are attachments allowed on the list in the > first place? Is there any legitimate reason for it? Well, why not? Is there any legitimate reason *not* to? -- Mark H. Wood, Lead System Programmer [EMAIL PROTECTED

Expecting CERTIFICATE and missing asn1 ?

2001-08-23 Thread chirs charter
Hello, I am currently running secure imap(imaps) on port 993. When I use the openssl client to connect to this port I got the following errors: catfish# openssl s_client -connect localhost:993 -cert /var/imap/cert.pem unable to get certificate from '/var/imap/cert.pem' 1853:error:0906D06C:PEM ro

Follow up question to efficient usage of SSL_write().

2001-08-23 Thread Steven Schaefer
I'm not at a location to access the account that receives the subscription mail today so please CC this account on a reply, [EMAIL PROTECTED] I'm kind of delving over which way I should implement buffering. I looked through some of the source code and found in bf_buff.c #define DEFAULT_BUFFER_SI

Re: quick (easy?) question

2001-08-23 Thread Nathan Bell
Thanks. I should read the man pages more closely. Lutz Jaenicke wrote: > On Thu, Aug 23, 2001 at 07:53:13AM -0600, Nathan Bell wrote: > > Yeah, that's what I'm using. But how do you tell when a new connection is > > received? I want to shove each new session into its own thread, but how can I >

Re: quick (easy?) question

2001-08-23 Thread Lutz Jaenicke
On Thu, Aug 23, 2001 at 07:53:13AM -0600, Nathan Bell wrote: > Yeah, that's what I'm using. But how do you tell when a new connection is > received? I want to shove each new session into its own thread, but how can I > do that without knowing when to start a new session? Hmm. If I understood the

copy extensions from a pkcs10 request

2001-08-23 Thread Francois Guerry
Hi, I work with openssl-engine-0.9.6b on Windows NT4SP6. I am trying to build a x509v3 certificate from a PKCS10 request with the openssl ca utility. It works fine, but the extensions from the request are not copied into the certificate. The "copy

Re: where are these supposed to be defined?

2001-08-23 Thread Nathan Bell
Thanks. I re-downloaded 9.6 and they were in it. I guess I must have inadvertently deleted them while changing the code (which I had to do to each and every file...). Dr S N Henson wrote: > Nathan Bell wrote: > > > > I found the first 2; thanks. Where are the other two located at? > > > > Dr S N

Re: quick (easy?) question

2001-08-23 Thread Nathan Bell
Yeah, that's what I'm using. But how do you tell when a new connection is received? I want to shove each new session into its own thread, but how can I do that without knowing when to start a new session? Lutz Jaenicke wrote: > On Wed, Aug 22, 2001 at 03:13:58PM -0600, Nathan Bell wrote: > > I'

Cross Certification

2001-08-23 Thread Ilhami Özdil
I created two Root CA's. 1. Test Root CA1 2. Test Root CA2 The Test Root CA2 has two Sub CA's 1. Test Level 1 CA2 2. Test Level 2 CA2 Is there a function, with which I can cross-certificate Test Root CA1 with Test Level1 CA2? The cross certificate functions with the Test Root CA1 and the T

Re: Using shared libraries instead of static ones...

2001-08-23 Thread Carlo Medas
Thx, it's very useful! - Original Message - From: "Erik Wright" <[EMAIL PROTECTED]> To: "OpenSSL" <[EMAIL PROTECTED]> Sent: Thursday, August 23, 2001 4:04 AM Subject: Re: Using shared libraries instead of static ones... > erik@tarzan:~/openssl-0.9.6b$ ./config shared > erik@tarzan:~/op

Re: How to have non-blocking communication

2001-08-23 Thread Carlo Medas
Here is an example of setting a socket to non-blocking mode:

    int Socket;
    long save_file_flags;
    save_file_flags = fcntl(Socket, F_GETFL);
    save_file_flags |= O_NONBLOCK;
    fcntl(Socket, F_SETFL, save_file_flags);

Carlo Medas - Original Message - From: "Ashada Karu

How to have non-blocking communication

2001-08-23 Thread Ashada Karunaratna
Hi, I developed server and client applications with openssl successfully on Mandrake Linux. I want to know how to do non-blocking I/O in my programmes. Ashada

Re: W2k wiazrd

2001-08-23 Thread Sean O'Riordain
for a self-signed certificate... NB Does NOT work for a public webpage... with both iis4 & iis5, i took the ca.crt and server.crt that was generated... edited to remove the human readable stuff at the beginning - ie down as far as the --begin certificate etc... took the files over to my win box

RE: Wasn't someone joking about the virus being posted by an autoresponder

2001-08-23 Thread John . Airey
>-Original Message- >From: Steven Reddie [mailto:[EMAIL PROTECTED]] >Sent: 22 August 2001 12:23 >To: [EMAIL PROTECTED] >Subject: Wasn't someone joking about the virus being posted by an >autoresponder > > >At least I thought it was a joke. > >Steven That was me, and it was a joke. However

RE: W2k wiazrd

2001-08-23 Thread John . Airey
>-Original Message- >From: Nevalainen, Eric [mailto:[EMAIL PROTECTED]] >Sent: 22 August 2001 17:20 >To: 'Robert Krenn' >Cc: '[EMAIL PROTECTED]' >Subject: W2k wiazrd > > >Bingo! > >The string: > >bash-2.04# OpenSSL ca -out request.pem -notext -infiles certreq.txt >where -out =the cert to be