On Thu, Aug 29, 2002 at 02:42:20AM +0200, Dr. Stephen Henson wrote:
> The Netscape Cert Type is an old non standard extension which some
> software ignores.
>
> The standard way to do this stuff is with extended key usage and
> the appropriate usage, clientAuth in this case.
>
Brilliant! That d
> It would take some extensions to the certificate verification code
> to change the behaviour. I don't know how large the interest is
> in such an extension.
Pick me!
--
Harald Koch <[EMAIL PROTECTED]>
"It takes a child to raze a village."
-Michael T. Fry
__
On Thu, Aug 29, 2002 at 10:21:39AM -0400, Shaheed Bacchus wrote:
> that's the general direction i was slowly moving towards.
> i guess one question that i have is since i have to use my
> code to do the verification process anyhow, is there any
> advantage to even using the X509_verify_cert() call
Dear Ovais and openssl users.
Please ignore my post concerning ssl problem as I have now resolved the problem by
using ssh instead.
Many thanks for your help
Regards
Chris
On Wed, Aug 28, 2002 at 12:09:47PM -0700, [EMAIL PROTECTED] wrote:
> Hi Chris,
>
> BTW which OS are you trying to acco
Hi Nils,
I have put my doubt in the mail trail below inside
__
my comments
__
Please let me know what you think.
Vignesh
that's the general direction i was slowly moving towards.
i guess one question that i have is since i have to use my
code to do the verification process anyhow, is there any
advantage to even using the X509_verify_cert() call?
thanks once again.
Lutz Jaenicke wrote:
>
> OpenSSL does not support
On Thu, Aug 29, 2002 at 09:10:47AM -0400, Shaheed Bacchus wrote:
> you are correct, "issuer" is not self signed (in fact it's
> the cert that's provided by default with openssl in the
> apps/demoCA dir). so how do i tell the verification
> routine to not walk further down the tree? ideally i
hi lutz,
you are correct, "issuer" is not self signed (in fact it's
the cert that's provided by default with openssl in the
apps/demoCA dir). so how do i tell the verification
routine to not walk further down the tree? ideally i'd
like to give it a cert that may or may not be self signed
and
On Wed, Aug 28, 2002 at 11:25:51AM -0400, Shaheed Bacchus wrote:
> Shaheed Bacchus wrote:
>
> > hi all,
> > i am having some problems getting certificate verification to
> > work. i have two certs
> >
> > X509 *client;
> > Subject: /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=MyTest
> > Iss
See the license in the Distrib:
bash-2.05$ more LICENSE
LICENSE ISSUES
==
The OpenSSL toolkit stays under a dual license, i.e. both the
conditions of
the OpenSSL License and the original SSLeay license apply to the toolkit.
See below for the actual license texts. Act
[EMAIL PROTECTED] wrote:
>
> Hi friends,
>
> RSA_check_key() cores.
RSA_check_key() expects a private key => the RSA structure
must contain valid rsa->p and rsa->q entries otherwise
RSA_check_key() will always produce a core dump
( without p and q you can not verify that a RSA key is valid,
bu
On Thu, Aug 29, 2002 at 10:32:46AM +0200, Vaclav Ovsik wrote:
> On Thu, Aug 29, 2002 at 05:21:39PM +1000, Reddie, Steven wrote:
> > We have some code that was working with OpenSSL 0.9.6d this morning. Now
> > that I've upgraded to 0.9.6g it's failing.
> >
> > OBJ_txt2nid("2.5.29.17") is now retu
On Thu, Aug 29, 2002 at 05:21:39PM +1000, Reddie, Steven wrote:
> We have some code that was working with OpenSSL 0.9.6d this morning. Now
> that I've upgraded to 0.9.6g it's failing.
>
> OBJ_txt2nid("2.5.29.17") is now returning 0 instead of the expected 85
> (NID_subject_alt_name).
>
> OBJ_ni
Chasing down the licencing requirements for openssl, on the site, in
the FAQ, and in the list archive, I've so far only found my way to the
generic "Apache-style" licence at:
http://www.opensource.org/licenses/index.php
It seems odd giving credit to Apache for OpenSSL, unless they are the
We have some code that was working with OpenSSL 0.9.6d this morning. Now
that I've upgraded to 0.9.6g it's failing.
OBJ_txt2nid("2.5.29.17") is now returning 0 instead of the expected 85
(NID_subject_alt_name).
OBJ_nid2sn(NID_subject_alt_name) does return "subjectAltName".
It seems that the ma
15 matches
Mail list logo
