Hello,
My company is wishing to do communication to several (hundred) clients over
the Internet and has selected SSL as the method of securing the data. I
have successfully written an implementation using OpenSSL, however, my
implementation uses no client certificate for authentication. We need
Hello
Could you tell me where I can find the x509 & x509v3 manual?
Thank you
wbr
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automate
- Original Message -
From: "Dr. Stephen Henson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 06, 2002 8:23 PM
Subject: Re: PKCS7 detached signatures no longer detached in 0.9.6e
> On Thu, Sep 05, 2002, Chris Jarshant wrote:
>
> >
> > > > Which shows the "-nd" flag
On Thu, Sep 05, 2002, Chris Jarshant wrote:
>
> > > Which shows the "-nd" flag (and corresponding
> > > API, PKCS7_set_detached()) has no effect. Anyone
> > > know why? Is this a permanent change?
> >
> > The preferred method for using PKCS#7 is the high level API or the smime
> > utility, th
On Fri, Sep 06, 2002, Ingo Kappler wrote:
> Hi,
>
> what means that error messages, and where have I to look to get the
> problem solved?
>
> ###
> web:/opt/CA-PT # openssl req -x509 -newkey rsa -out cacert.pem
> -outform PEM
> Using configuration from /opt/CA-PT/openssl.cnf
> Generating a 10
On Fri, Sep 06, 2002 at 11:53:25AM -0700, Edward Chan wrote:
> I've set the SSL_CTX with the following mode,
> SSL_MODE_AUTO_RETRY. Doing so allows me to use
> SSL_read() and SSL_write() like I would normally use a
> blocking read() and write() call, right?
SSL_MODE_AUTO_RETRY only covers the ca
I have found !
I explain what's wrong (exactly, what i've understood ;) if someone have the
same pb
It was used in a FTP server application, for the data connection.
Due to a (stupid) error, the message '150 about to open data connection' was
sent AFTER SSL_accept was called.
In fact the s
I've set the SSL_CTX with the following mode,
SSL_MODE_AUTO_RETRY. Doing so allows me to use
SSL_read() and SSL_write() like I would normally use a
blocking read() and write() call, right?
So when I issue the SSL_read(), it should block if
there is no data. Seems like it is blocked, which is
ex
On Fri, Sep 06, 2002 at 11:09:44AM -0500, Eduardo Muñoz wrote:
> I think you can extract the key from the certificate
> using the following instruction:
>
> openssl rsa < certificate.pem > certkey.pem
>
> I hopoe this works
> Eduardo
No, it wont work.
'openssl x509 -pubkey
> --- "Gary W." <
On Fri, Sep 06, 2002 at 12:59:02PM +0100, [EMAIL PROTECTED] wrote:
> vf [SMTP:[EMAIL PROTECTED]] wrote:
> > Please consider to post a (short) signed message together with
> > signer's certificate. Private signing key would be great as
> > well, in case it's not used for production.
>
> OK.
>
>
I think you can extract the key from the certificate
using the following instruction:
openssl rsa < certificate.pem > certkey.pem
I hopoe this works
Eduardo
--- "Gary W." <[EMAIL PROTECTED]> escribió: > I
got my certificate from Verisine,
> but cannot find the key I generated the csr with.
> A
I got my certificate from Verisine,
but cannot find the key I generated the csr with.
At least the Moduli of the files I can find do not
match what comes from the openssl x509 command.
Can I pull a key out of the certificate or csr?
Gary
--
TV is the enemy
-- John Bradley
http://WWW-DB
You may need to update the definition files.
> perl util\mkdef.pl crypto ssl
update
> perl Configure VC-WIN32
> ms\do_masm
> nmake -f ms\ntdll.mak
Also you can try compiling a fresh copy of the latest snap
shot which several fixes.
ftp://ftp.openssl.org/snapshot/openssl-0.9.7-stable-20020
On Fri, Sep 06, 2002 at 08:15:40AM -0500, Eduardo Muñoz wrote:
> I tried using SSL_CTX_use_certificate_chain_file().
> The problem is that I keep getting the following error
> on the client side while trying to authenticate:
>
> 269:error:0B080074:x509 certificate
> routines:X509_check_private_ke
I tried using SSL_CTX_use_certificate_chain_file().
The problem is that I keep getting the following error
on the client side while trying to authenticate:
269:error:0B080074:x509 certificate
routines:X509_check_private_key:key values m
ismatch:c:\openssl\openssl\crypto\x509\x509_cmp.c:279:
I th
Thanx Lutz.
--- Lutz Jaenicke <[EMAIL PROTECTED]>
wrote: > On Fri, Sep 06, 2002 at 01:04:22PM +0100,
Umesh
> Vaidya wrote:
> > Hi Everybody,
> > I am a newbie to all this 'encryption' mania.
> > Presently I am working to enable encryption for a
> > client and server application. I have installed
vf [SMTP:[EMAIL PROTECTED]] wrote:
> Please consider to post a (short) signed message together with
> signer's certificate. Private signing key would be great as
> well, in case it's not used for production.
OK.
I loaded up the stunnel, self-signed certificate (stunnel.pem & .p12)
into the Wi
On Fri, Sep 06, 2002 at 01:04:22PM +0100, Umesh Vaidya wrote:
> Hi Everybody,
> I am a newbie to all this 'encryption' mania.
> Presently I am working to enable encryption for a
> client and server application. I have installed
> OpenSSL. But even demos are also not being compiled,
> when I compil
Hi Everybody,
I am a newbie to all this 'encryption' mania.
Presently I am working to enable encryption for a
client and server application. I have installed
OpenSSL. But even demos are also not being compiled,
when I compile as follows.
gcc serv.cpp -I /usr/local/ssl/include -L
/usr/local/ssl/lib
One of our customers uses the DEC C++ (6.0) compiler on VMS. Our code
(which uses OpenSSL functions) has to be linked to the customer's software.
After customizing the makefile, we have tried to compile the OpenSSL
toolkit with the C++ compiler, but there are a lot of typecast problems,
and pe
Hi,
what means that error messages, and where have I to look to get the
problem solved?
###
web:/opt/CA-PT # openssl req -x509 -newkey rsa -out cacert.pem
-outform PEM
Using configuration from /opt/CA-PT/openssl.cnf
Generating a 1024 bit RSA private key
.++
On Fri, Sep 06, 2002 at 09:20:37AM +0100, Colin McKinnon wrote:
> Hi all,
> I'm something of a newbie at this whole encryption game. I've set up our own
> CA here using self signed certificates, (certificates only get used within
> the company). OpenSSL works a treat, I've got stunnel securing var
On Thu, Sep 05, 2002 at 10:57:59PM +0200, Pierre Chifflier wrote:
> SSL_ERROR_WANT_READ, I must iterate on SSL_accept. I've done the following:
>
> 8<
> SSL_set_accept_state(ssl);
> fd = SSL_get_fd(ssl);
> fcntl(fd,F_SETFL,(fcntl(fd,F_GETFL)|O_NONBLOCK));
>
Hi all,
I'm something of a newbie at this whole encryption game. I've set up our own
CA here using self signed certificates, (certificates only get used within
the company). OpenSSL works a treat, I've got stunnel securing various
connections, mod_ssl running, and we've been trying out WinCrypt fo
Hi
again,
Okey,
so I have installed the WinNT DDK-kit and when I try to compile it again, it
passes the "ml.exe"-error but now there is a new error.
--
link /nologo
/subsystem:console /machine:I386 /opt:ref /dll /out:out32dll\libeay32.dll
/def:ms/LIBEAY32
25 matches
Mail list logo
