SSL_ERROR_SYSCALL and SSL_ERROR_SSL

2002-08-28 Thread Jonathan Hersch
Hi, Can anyone clarify the semantics of how to handle these errors? Sometimes they seem to mean retry the read/write, sometimes EOF, sometimes an error indicating time to shutdown. I've seen errno values come back of EAGAIN, ECONNRESET, and EPIPE, as well as EAGAIN. I keep adding more special

Re: Does IE acknowledge nsCert?

2002-08-28 Thread Dr. Stephen Henson
On Thu, Aug 29, 2002, Jason Haar wrote: > I'm trying to build an internal PKI, and have found that the effort I > went through to stop people using SSL client certs for SMIME appear to have > been in vain... > > Outlook Professional appears to ignore the nsCert setting, as when you view > the ce

Re: OpenSSL and iplanet problems - Updates

2002-08-28 Thread Dr. Stephen Henson
On Wed, Aug 28, 2002, Ashwin C Uthappa wrote: > Hi All, > Just some updates on my iPlanet problems with SSL. For those who came > in late, a quick recap!! > > I intend to carry out SSL communication (NOT web transactions) between a > communication application and a engine. In the actual produ

Does IE acknowledge nsCert?

2002-08-28 Thread Jason Haar
I'm trying to build an internal PKI, and have found that the effort I went through to stop people using SSL client certs for SMIME appear to have been in vain... Outlook Professional appears to ignore the nsCert setting, as when you view the cert details it says that the cert allows basically eve

Re: Preserving subjectAltName from CSR to cert?

2002-08-28 Thread Dr. Stephen Henson
On Wed, Aug 28, 2002, Bumpass, Brian wrote: > It has been some months since this issue has been addressed. Have any > changes/fixes/work-arounds been put forth over this time. If not could > someone provide code snippet on how one could preserve "subjectAltName" > information from CSR to CERT?

Re: how to verify data is really encrypted?

2002-08-28 Thread gunga
You can use either a sniffer or the tcpdump utility. See http://www.tcpdump.org/ I personally prefer to use tcpdump due to its small footprint and wide availability... Regards, -Ovais On Wed, 28 Aug 2002, Edward Chan wrote: > Hi there, > > I'm done implementing SSL support in my server. It

Re: how to verify data is really encrypted?

2002-08-28 Thread Tim Regovich
Ed, You have several simple options. The most reliable option is to use a packet sniffer on your client machine and look at the data that is being exchanged. Tim --- Edward Chan <[EMAIL PROTECTED]> wrote: > Hi there, > > I'm done implementing SSL support in my server. It > appears the that whe

RE: how to verify data is really encrypted?

2002-08-28 Thread Moffet, Scott
get a sniffer or a packet analyzer > -Original Message- > From: Edward Chan [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 28, 2002 4:54 PM > To: [EMAIL PROTECTED] > Subject: how to verify data is really encrypted? > > > Hi there, > > I'm done implementing SSL support in my serve