Jörn,
> >The task: now we want to set up mailinglists (server side)
> >like "[EMAIL PROTECTED]" where some users of our company and
> >some from a customer should be able to write signed and
> >encryted emails and everybody on the list should be able to
> >read it.
> >
> >The question is how shou
hi,
i have a problem which i would like your help in solving. In my client-server
application the client uses java jsse and server uses openssl. The application needs
both sides to be authenticated. Also it requires that the session be cached as the
client requires multiple connection to t
Hi,
OCSP stands for Online Certificate Status Protocol. This, as the name
suggests specifies a protocol to obtain the Status of a Certificate Online.
There can be many reasons for a certificate to become invalid even before
its actual lifetime for which it was issued. These may be Key Compromis
In Makefile.ssl I find the following:
@if [ -n "$(SHARED_LIBS)" ]; then \
tmp="$(SHARED_LIBS)"; \
for i in $${tmp:-x}; \
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
"GOLDING,CHARLTON (Non-HP-Corvallis,ex1)" wrote:
>
> Thank you.
>
> Sorry, I didn't detail the situation well.
>
> The output file can be .pem that's not a problem, the internal format needs
> to be pkcs7.
>
The certificate creation utilities in OpenSSL don't have an option to
package a certi
Thank you.
Sorry, I didn't detail the situation well.
The output file can be .pem that's not a problem, the internal format needs
to be pkcs7.
What I was asked to do is take a Linux box with OpenSSL already installed on
it and set it up as a Root or Certificate Authority to supply certificate(s
On Thu, 7 Mar 2002, Damian Hesse wrote:
> Hi everybody,
>
> we have set up our own CA and generated for everybody
> user certificates for secure communication. It really works
> fine.
>
> The task: now we want to set up mailinglists (server side)
> like "[EMAIL PROTECTED]" where some users of our
On Thu, 7 Mar 2002, Dr S N Henson wrote:
> Vadim Fedukovich wrote:
> >
> > Hello,
> >
> > would this construct
> >
> > ASN1_SEQUENCE(SomeTypeDefinition) = {
> > ASN1_IMP(, someFieldName, ASN1_FBOOLEAN, N)
> >
> > be fine for "someFieldName [N] BOOLEAN DEFAULT FALSE" in ASN.1?
> > Should one use
Vadim Fedukovich wrote:
>
> Hello,
>
> would this construct
>
> ASN1_SEQUENCE(SomeTypeDefinition) = {
> ASN1_IMP(, someFieldName, ASN1_FBOOLEAN, N)
>
> be fine for "someFieldName [N] BOOLEAN DEFAULT FALSE" in ASN.1?
> Should one use ASN1_IMP_OPT() instead?
>
You should always use OPT with
>
> If this can be done currently, can someone provide some details?
>
What I presume you want to do is to package some certificates in a
binary PKCS#7 structure, which is what .p7b is. To do this you can call:
openssl crl2pkcs7 -nocrl -certfile cert1.pem -certfile cert2.pem
-certfile cert3.p
Brandon Amundson wrote:
>
> I tried to do this;
>
> << how can you get your CA to appear in the list of acceptable ca names?
>
> The FAQ gives the reason for this and some more info. What it doesn't
> > say is how to add your CA to the trusted list of IIS. IIRC you can do
> > this via the certi
> Liam Walker wrote:
>
>
> $ openssl pkcs7 -in LiamWalker.p7b -inform DER -out LiamWalker.pem
> -outform PEM
>
This command is converting a PKCS#7 structure from DER to PEM format...
> This generated the appropriate output files so I assume they are ok.
> openssl pkcs7 with -print_certs was a
Hi,
If this can be done currently, can someone provide some details?
I did look though the list:
http://www.mail-archive.com/openssl-users@openssl.org/
I didn't find an answer there, but have found a draft
at
http://www.openssl.org/docs/HOWTO/certificates.txt
that mentions genera
Hi everyone,
Having some trouble with openssl
smime...
Goal: To use openssl to create smime messages so
that I can send encrypted email to people from the command line with aid of
sendmail or something similar.
Problem: I'm getting errors using openssl smime and
I don't know why. Belo
Can someone please help a poor newbie understand exactly what this is
for and how it's used? I've tried looking at the documentation, but I
feel like I'm drowning, probably because I'm trying to understand the
details, but not quite getting the simple stuff,..
Thanks in advance,
Issac
_
At 21:41 07.03.2002 +0100, you wrote:
>Hi everybody,
>
>we have set up our own CA and generated for everybody
>user certificates for secure communication. It really works
>fine.
>
>The task: now we want to set up mailinglists (server side)
>like "[EMAIL PROTECTED]" where some users of our company
Hi everybody,
we have set up our own CA and generated for everybody
user certificates for secure communication. It really works
fine.
The task: now we want to set up mailinglists (server side)
like "[EMAIL PROTECTED]" where some users of our company and
some from a customer should be able to
As I mentioned previously, I was mistaken in that I had made a "SSL Email"
cert request from a free-email address. Much to my chagrin, I am now the
technical contact on some "SSL Server" requests, and I can tell everyone
here, first hand, that it is amazing how thorough you guys are in verifying
Hello,
I'm a new user and trying to install and configure OpenSSL for iPlanet 4.1 web
server on solaris 5.7 platform. I did installed the Openssl openssl-0.9.6c and
don't know how to proceed next to get certificate and install.
I appreciate any help.
-Prasanna
_
I tried to do this;
<< how can you get your CA to appear in the list of acceptable ca names?
The FAQ gives the reason for this and some more info. What it doesn't
> say is how to add your CA to the trusted list of IIS. IIRC you can do
> this via the certificate import wizard, something like cli
hi,
your problem is in the "index.txt" file (located in your CA-directory). The individual
entries in each line of that file must absolutely be separated by TABs, not by spaces!
Your "index.txt" probably got messed up, meaning that the tabs were converted to
spaces (maybe you saved it from a t
Maybe what he's after is compartmented security or mandatory access controls on
the single host.
It would be an OS level thing to approach an orange book B level. If he's using
Linux then a place to start would be:
http://www.nsa.gov/selinux/index.html
-Lance Nehring
New Particles Corporat
Maybe what he's after is compartmented security or mandatory access
controls on
the single host.
It would be an OS level thing to approach an orange book B level. If
he's using
Linux then a place to start would be:
http://www.nsa.gov/selinux/index.html
-Lance Nehring
New Particles Corporat
Hi!
I' m experiencing
difficulties while trying to sign a certificate request (openssl ca -keyfile
./private/caKey.pem -in ./private/gatewayReq.pem -out gatewayCert.pem -outdir
./certs). The error message is: wrong number of fields on line 2 (looking for
field 6, got 1, '' left)
Who can
Hi,
I'am trying to authenticate clients connecting to my server.
[06/Mar/2002 18:45:19 25124] [info] Connection to child 3 established
(server hub-1.trema.com:443, client 66.54.34.7)
[06/Mar/2002 18:45:19 25124] [info] Seeding PRNG with 512 bytes of
entropy
[06/Mar/2002 18:45:19 25124] [trace]
Dr S N Henson wrote:
>
> Brandon Amundson wrote:
> >
> > I am trying to sign a server cert from IIS 5.0 with my CA (openssl) that
> > runs on my linux webserver.
> >
> > I have successfully signed the cert and move it back into IIS but when I go
> > to access the site, the certificate dialog
> >
Hello openssl-users,
this issue seems to treat openssl-dev subscription, but i wouldn't
bother them with possibly stupid discussion.
so, i'd like you to disscuss (or say why not): is it possible to use
PGP within opensssl(OpenPGP) and how, if it is?
As you may now, TLSv1 specifica
27 matches
Mail list logo
