How to get extensions from request to cert?

Hi, is there a possibility to propagate the (values for) requested extensions by the CSR to the resulting cert, without mentioning them in the extension section of the config file (as long as copy_extensions doesnt work in production releases)? Gerd -- PS.: Send replies (if any) to the addre

Re: mod_ssl for Red Hat 6.2

Jian Chen wrote: > Hi, Edward, > > I also spent a long time to try to find it, and I only found one, it is: > mod_ssl-2.6.6_1.3.12-1.i386.rpm. Do a search on www.google.com, and you will > find this: > > http://www.megaloman.com/~hany/RPM/doors2.4/mod_ssl-2.6.6_1.3.12-1.i386.html > > So far, I do

listening to browser output

I am doing a lot of client programming replacing the browser by a client program. To verify my program I look at the browser output with ngrep. But in case of SSL I don't see anything. Is there a solution for this need. __ OpenS

??: NT Services

i think using ATL COM is not necessary , u just need build a normal windows service. be careful of memory leak.:) -ԭʼÓʼþ-·¢¼þÈË: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]´ú±í Anthony Chau·¢ËÍʱ¼ä: 2001Äê11ÔÂ10ÈÕ 13:23ÊÕ¼þÈË: [EMAIL PROTECTED]Ö÷Ìâ: NT Services

NT Services

Dear all,   I am a newer to OpenSSL. I am now developing a Win2K Services (also a newer on writing Services) that can decrypt a message with private key and generating key pairs. I want to ask should I use the .lib in the Services directly / need to create an ATL COM to wrap the OpenSSL

Re: mod_ssl for Red Hat 6.2

Jian Chen wrote: > Hi, Edward, > > I also spent a long time to try to find it, and I only found one, it is: > mod_ssl-2.6.6_1.3.12-1.i386.rpm. Do a search on www.google.com, and you will > find this: > > http://www.megaloman.com/~hany/RPM/doors2.4/mod_ssl-2.6.6_1.3.12-1.i386.html > > So far, I do

Need clarification on SSL_CTX_sess*() routines

msg.pgp Description: PGP message

Re: SHA1

msg.pgp Description: PGP message

Re: openssl-0.9.6b on solaris-sparcv9-cc

Hi Aslam wrote the following at 19:48 09.11.2001: >I'm trying to compile openssl-0.9.6b on solaris-sparcv9-cc.. and when I do >"make" as per the install in openssl-0.9.6b\.. I get following error message.. > >$ make >+ rm -f libcrypto.so.0 >+ rm -f libcrypto.so >+ rm -f libcrypto.so.0.9.6 >+ rm

Problems building OpenSSL (0.9.6b) on OpenBSD 2.6

I'm trying to get OpenSSL 0.9.6b working on OpenBSD 2.6 so that I can build the latest OpenSSH (I'm using the portable version as the native OpenBSD version does not build on releases before 2.6). I have installed the new OpenSSL under /usr/local/openssl, and when running the OpenSSH configure I

PKCS7 problem sending enveloped messages across network.

I think (not sure) that the problem I'm having is one of big endian and little endian. I'm trying to send out the output of a PEM_write_bio_PKCS7 to other computers (sun and Linux). I'm sending these Multicast and with loopback and the sender is always able to process the message but the receiver

INSTALL OPENSSL

Hi, i'm new in openssl world XD. I don't know how install openssl in windows. Can anyone help me? Sorry, my english is horrible. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailin

Installing Secure Cert

Hi; I would have thought finding information on how to install a secure certificate from Thawte would have been *easy*, but after searching everywhere I could think for over an hour I've become dismayed :(( Hopefully someone can point me to the step-by-step procedures on how to do this routine

API's ??

For generating the certifcate and private file, I am currently using the command line interface... that is commands like "openssl genrsa ..." and "openssl req -new -x509..." etc. But, are there any openssl API's for the same? If yes, please let me know few APIs. Thanks for the assistance, Ruby

linux v/s solaris

My client_server program with SSL, works fine in Linux but fails in Solaris. In solaris, SSL_accept and SSL_connect fails with reason 1 (which is [#define SSL_ERROR_SSL 1] " I am using the cert and key file correctly. Am I missing anything else? Anyone please help! __

Re: Using "openssl" and smime with binary files

Thanks for that advice. Your suggestion led me to try the -nodetach option on both the verify and the sign operation, and I can vouch for success. I think my confusion stems from two places: - I didn't see enough of the definitions of terms to quite understand what "opaque signing" was. - Some

RE: mod_ssl for Red Hat 6.2

Hi, Edward, I also spent a long time to try to find it, and I only found one, it is: mod_ssl-2.6.6_1.3.12-1.i386.rpm. Do a search on www.google.com, and you will find this: http://www.megaloman.com/~hany/RPM/doors2.4/mod_ssl-2.6.6_1.3.12-1.i386.html So far, I do not think redhat provides a mods

Importing https certificate in Internet Explorer 6

Hi, I have a https with a secure certificate made with Openssl. I have tryied to import that certificate in Internet Explorer 6.0 so it recognize the autority as trusted. I have created a custom CA, so IE always said that the CA is not a trusted one and display a dialog window each time a user vi

Re: About how to use smime

"$B;0:j(B $BM'L@(B" wrote: > > Hello all, > > I am using openssl-0.9.6b. > It does not operate well by smime of openssl. > Is usage wrong? > > $ openssl smime -sign -inkey key.pem -signer cert.pem -certfile cacert.pem -in >mail.txt -out mail.p7m > $ openssl smime -verify -CAfile cacert.pem

Re: Using "openssl" and smime with binary files

david wrote: > > Folks > > As part of an exploration, I have used the openssl command line tool in > Redhat 7.1 and successfully: > - created a self-signed ca cert > - created an end-entity cert > - Using openssl smime, I've signed a text message. > - Using openssl smime, I've verified the text

[no subject]

Hi   I can´t find popsig and pushsig in file crypto/des/read_pwd.c ( version 0.96b ) any ide where to get the missing code. Note it´s  static void declared in read_pwd.c. My enviroment is RedHat 7.1 and linux-elf with Intel PentiumPro.     Best. Reg.   Jan Holmberg sysadm artech    

Re: SHA1

On Sun, Nov 11, 2001 at 10:08:16AM -0500, Rich Salz wrote: > > $ echo "password" |openssl dgst -sha1 -binary| openssl base64 > > You've got a newline there; try > echo 'password' | tr -d '\012' | openssl dgst use echo with option -n -n is no new-line echo -n "password" |openssl dgst

dont want private key of the client in the ldap

Hi everybody,     I trying to do client authentication using self signed CA and client certificates. I want to store the client certificate in the ldap entries. The CA certificate is in the web server. I followed the below mentioned steps to create the CA and client certificates :   CA Cert

Using "openssl" and smime with binary files

Folks As part of an exploration, I have used the openssl command line tool in Redhat 7.1 and successfully: - created a self-signed ca cert - created an end-entity cert - Using openssl smime, I've signed a text message. - Using openssl smime, I've verified the text message And that took some doin

Re: SHA1

> $ echo "password" |openssl dgst -sha1 -binary| openssl base64 You've got a newline there; try echo 'password' | tr -d '\012' | openssl dgst -- Zolera Systems, Securing web services (XML, SOAP, Signatures, Encryption) http://www.zolera.com __

Re: self-signed certificate for virtual webserver

On Fri, Nov 09, 2001 at 03:17:39PM +0100, Jakub Jermar wrote: > Hi, I am trying to generate a self-signed certificate for one of my > virtual webservers. > The problem is that no matter what I enter as CN when asked by the > second command below, > the certificate is not created for the hostname I

openSSL lib

Hi guys, I was able to built openSSL on Win2k platform with no problems. Currently, I am using openSSL to encode a file where I store sensitive information (password to a server). I am storing password in passwd.smime file, and I decrypt the file with my private key - pk8. So, every time I need

Re: SHA1

On Wed, Nov 07, 2001 at 05:32:48PM -0500, Dane Foster wrote: > Hello, > I'm not on the list but I'm hoping someone can help me nonetheless. > > I'm a Java programmer working w/ OpenLDAP on Linux. OpenLDAP supports the > use of hashed passwords for binding, unfortunately it does do the hashin

mod_ssl for Red Hat 6.2

Hello, Where can I get the rpm package of mod_ssl for install with Red Hat 6.2 ? Thanks, Edward. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PRO

About how to use smime

Hello all, I am using openssl-0.9.6b. It does not operate well by smime of openssl. Is usage wrong? $ openssl smime -sign -inkey key.pem -signer cert.pem -certfile cacert.pem -in mail.txt -out mail.p7m $ openssl smime -verify -CAfile cacert.pem -in mail.p7m THIS IS TEST. Verification Successful

SHA1

Hello, I'm not on the list but I'm hoping someone can help me nonetheless. I'm a Java programmer working w/ OpenLDAP on Linux. OpenLDAP supports the use of hashed passwords for binding, unfortunately it does do the hashing for you so this is where my direct use of OpenSSL comes in. As a sim

openssl-0.9.6b on solaris-sparcv9-cc

I'm trying to compile openssl-0.9.6b on solaris-sparcv9-cc.. and when I do "make" as per the install in openssl-0.9.6b\.. I get following error message..   $ make+ rm -f libcrypto.so.0+ rm -f libcrypto.so+ rm -f libcrypto.so.0.9.6+ rm -f libssl.so.0+ rm -f libssl.so+ rm -f libssl.so.0.9.6m

Building openssl on SCO 3.2v4.3

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, I am not sure if this is the correct place to ask the question, please forgive me if it is not. I have tried google searching for SSL + SCO and found nothing I am trying to build Openssh on SCO 3.2v4.2, and that requires OpenSSL When I

self-signed certificate for virtual webserver

Hi, I am trying to generate a self-signed certificate for one of my virtual webservers. The problem is that no matter what I enter as CN when asked by the second command below, the certificate is not created for the hostname I want (admin.frakira.cz, but for lexus.frakira.cz, which is the machine'

SSL_CTX_set_client_CA_list

  Hi everyone,   I’m trying to implement client authentication with OpenSSL client & server. Everything works fine: server asks for client’s certificate, gets it & verification successes too. The only problem is that I can’t make client to send to the server certificate that matches one

SSL_CTX_set_client_CA_list

  Hi everyone,   I’m trying to implement client authentication with OpenSSL client & server. Everything works fine: server asks for client’s certificate, gets it & verification successes too. The only problem is that I can’t make client to send to the server certificate that matches one

certificate format.

How can I find out the format of a certificate from a C program? thanks, -- vijo __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated L

test mail...

__ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: ssl reconnection problem

On Tue, Nov 06, 2001 at 03:52:07AM -, ganesh kumar godavari wrote: > i am working on a ssl server, upon getting a request from the client, the >server is succesfully serving the request. if i am going to use the same process for >serving another request from the same/different client I

Re: opaque data in SSL_CTX or SSL

On Wed, Nov 07, 2001 at 12:00:29PM -0800, Rahul S wrote: > Is there any way I can keep my own user data ( opaque data) in either SSL_CTX or >SSL. > I want to associate one of my pointer with either SSL_CTX or SSL , so that I >could later retrieve the same given a SSL_CTX or SSL. > I am w

Triple DES Question

Does anyone know if there is a problem with using the same buffers for input and output with the des_ecb3_encrypt function? I have tested it and it is working fine, but I just want to ensure this won't cause some unforseen problems in the future. The documentation doesn't say a word about it

RE: Apache-SSL Installation questions

Chris - This is from the FAQ at http://www.openssl.org/support/faq.html#MISC4 - 4. Where can I get a compiled version of OpenSSL? Some applications that use OpenSSL are distributed in binary form. When using such an application, you don't need to install OpenSSL yourself; the application wil

Re: OpenSSL exception linking MSVCRT but not MSVCRTD

Has anyone come up with a solution for this? I've seen the same thing with openssl built with visual c++. >From: Kim Majikes Subject: OpenSSL exception linking MSVCRT but not MSVCRTD >Date: Wed, 31 Oct 2001 07:16:31 -0800 > > >I'm having problems when running some OpenSSL commands from the comm

Solaris 2.3 and ftime

Hi, I've recently inherited a lab with old Sparc 5s and 2s running Solaris 2.3. The researcher won't let me upgrade the OS or replace some of the machines...*&^$! Nevertheless, I upgraded the compiler to gcc 3.0.2 and started to install openssl-0.9.6b. Unfortunately I've run into the infamous "un

SSL_CTX_set_client_CA_list

  Hi everyone,   I’m trying to implement client authentication with OpenSSL client & server. Everything works fine: server asks for client’s certificate, gets it & verification successes too. The only problem is that I can’t make client to send to the server certificate that matches one