Hi,
Using OpenSSL, I would like to verify a certificate validity.
My environment is visual C++, openSSL 0.9.6g.
I need to verify :
- cert integrity
- cert date validity
- CRL (delta CRL, OCSP optional)
- chain validity
OpenSSL seems to be able to realize this with the 'verify' option.
Accordin
On Thu, Sep 19, 2002 at 01:29:59PM -0400, Greaney, Kevin wrote:
> Has anybody heard when the 0.9.7 baselevel might be released?
> I am currently at 0.9.6B (with the Security patches), and know that I
> have
> to upgrade. I would like to go directly to 0.9.7, but will stop at
> 0.9.6G if
>
But John...it will break them *how*? What are the error messages? I mean,
it *really* works for me. The OpenSSL site being down, I take the liberty
to quote the FAQ for 0.9.7:
> What is special about OpenSSL on Redhat?
> Red Hat Linux (release 7.0 and later) include a preinstalled limited
> vers
Umesh,
You can find a good (and free) resource is at:
http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf
Eric's book on SSL is very good for SSL ( don't know if there is an Indian
edition ) and Bruce Scheneir's book "Applied Cryptography" is very good for
cryptography.
/Pankaj Kuma
Oula la!
--On Thursday, September 19, 2002 5:55 AM -0700 Admin-Stress
<[EMAIL PROTECTED]> wrote:
> After I upgraded to openssl-0.9.6g (also openssl-engine) on my RedHat
> 7.3, I got several problem.
>
> (1) qmail-pop3d can not authenticate my username and password
>
> (2) openssh (sshd) 3.4p1 a
Title: Any news on 0.9.7?
Hi,
Has anybody heard when the 0.9.7 baselevel might be released?
I am currently at 0.9.6B (with the Security patches), and know that I have
to upgrade. I would like to go directly to 0.9.7, but will stop at 0.9.6G if
0.9.7 looks to be months away.
Thank you!
I'm still pretty new to COM development, so I didn't appreciate this
nuance. See, I thought the conversion worked, because when I returned
the string, the ASP could output it just fine.
Anyway, that part seems to work now.
Again, thanks.
Mark Harvey wrote:
> Hi Tim,
>
> I think
Hi Tim,
I think the problem is that you are casting a BSTR to a char*, you need to
use a conversion routine, e.g. something like:
void somefunc(BSTR bstrText)
{
_bstr_t _bstrText(bstrText, false);
char* lpszText = (char*)_bstrText;
..
Cheers,
Mark
- Original Message -
From: "Tim Cole
keyString contains
-BEGIN RSA PRIVATE KEY-
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,2D1A4A3700D0F3ED
RAn7K9q2wwlz2vbwA9v+2I0RS/vxrwo4ldXGzWxlhGDk/yPmCZYonwo5J6WknkGa
4Th4bfSzXyOx1DJnxWDC81WQI9U59hoQZaNWQ/uvv2I691hYyV9hGe4j16nxdA6H
s/CUXXVjwBfXGBRS+tOtXk6v/Ze/n5Wp5CvUb+R210EWguSqo+zY
Well, IMHO shared libs are better because
(...as long as the API for OpenSSL does not change, which it should not...)
1) Executables using them are smaller (instead of x Megs, one has x Ks)
2) You can replace the shared libs (i.e. upgrade) without recompiling
and (generally) without ill effec
Thanks Paul, I'm busy looking at PureTLS as a solution.
-Original Message-
From: Paul L. Allen [mailto:[EMAIL PROTECTED]]
Sent: 18 September 2002 19:53
To: [EMAIL PROTECTED]
Subject: Re: apache with client certificates
"Jose Correia (J)" wrote:
>
> [...]
> On my Java side I'm using JS
What's in keyString? The error message indicates that the banner
("-BEGIN PRIVATE KEY-") is missing.
Steven
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Tim Coleman
Sent: Thursday, 19 September 2002 11:49 PM
To: [EMAIL PROTECTED]
Subject: Cre
Hi,
I've been working on making a COM object that uses OpenSSL to sign some
data that I'm using for a form of software licensing. I have code that
works fine as an executable on Windows, but when I try to make a COM
object, I can't seem to load the private key from a string. I'm not
sure if
I need to build apache w/ssl on a separate box from the server. It
would *seem* to me to be better to link the web server against static
ssl libraries than shared ones for two reasons:
1. it's easier to distributed (fewer dependencies)
2. it *feels* safer - the ssl so can't be modified u
After I upgraded to openssl-0.9.6g (also openssl-engine) on my RedHat 7.3, I got
several problem.
(1) qmail-pop3d can not authenticate my username and password
(2) openssh (sshd) 3.4p1 also can not authenticate my username and password, not root
account
Do I need to recompile ALL applications
Hi, I'm new in the apache/openssl world and I have a question (maybe it's me
but I don't understand something about client certificates authentication in
Apache)
I have Apache 2.40 with openssl 0.9.6g running in my win32 machine without a
problem.
I want to establish an extranet, and let users aut
Hi all.
I have a problem with a certificate chain and a server certificate,
I need help.
The certificate chain is formed by the Root CA Certificate and the
Subordinate CA Certificate below showed.
The server certificate is the last certificate.
I have configured apache
Hi,
I made this little guide to help for upgrading openssl on RedHat 7.3.
Please if you find any errors / corrections, just let me know.
Thanks to "David Tonhofer, m-plify S.A." <[EMAIL PROTECTED]>
Regards,
kapot
Upgrading OPENSSL on RedHat 7.3 (Simple Guide)
Hi,
I made this little guide to help for upgrading openssl on RedHat 7.3.
Please if you find any errors / corrections, just let me know.
Thanks to "David Tonhofer, m-plify S.A." <[EMAIL PROTECTED]>
Regards,
kapot
Upgrading OPENSSL on RedHat 7.3 (Simple Guide)
Hello openssl-users,
I've been searching about on and off for a few weeks, yet haven't
found a suitable way to do it, other then hacking openssl source, is
there any way to sign different CSR's with identical DN's?
--
Best regards,
evilbunny mailto:[EMAIL PROTECT
Oops! I made a mistake with part 2.
2. I'm not familiar with that package, but it probably doesn't fix the
recent Linux Slapper worm. Have a look at the package info with "rpm -qip
openssl-0.9.6c-2.i386". If the build date is before 30th July 2002 it won't.
That is the date of release of openssl-
You
should probably upgrade to 0.9.6g, see security advisories
Andreas
-Original Message-From: Bhavdeep Sharma
[mailto:[EMAIL PROTECTED]]Sent: Donnerstag, 19. September 2002
10:34To: [EMAIL PROTECTED]Subject: RE:
newbie:Binary distributions
Hi
J.P.,
OpenSSL bina
> They should have been part of the build process and should be in the
> out32dll directory. If not, try re-building or use the Win32 OpenSSL
> Installation Project (for the DLLs):
Boy do I feel stupid :-) I just found the dll's. They were placed in the
OpenSSL root folder instead of the out32dl
There are two parts to my reply.
1. The rawhide packages aren't officially supported by RedHat and will
probably break your other packages. I've used them before but not where
there have been dependencies.
2. I'm not familiar with that package, but it probably doesn't fix the
recent Linux Slapper
Hi
J.P.,
OpenSSL binary version 0.9.6b is available at many
places. I once downloaded the following
For
libs: openssl-0.9.6b-lib.zip
For
dlls: openssl-0.9.6b-bin.zip
If you
want you may download the source also. But then you need perl to compile
it.
Source:
openssl
Jean,
if you
need a win32 binary distribution look here:
http://www.shininglightpro.com/search.php?searchname=Win32+OpenSSL
If you
still have problems, I can send you my own compiled version.
Cheers,
Andi
-Original Message-From: Jean Pierre Urkens
[mailto:[EMAIL PROTECTED]]
Hi,
I would like to use OpenSSL with Apache2 (version2.0.40). Following the Apache
documentation I need OpenSSL and MODSSL.
On www.modssl.org I found a binary distribution
for Apache-2.0.39-Mod_SSL-0.9.6d-Win32.
However I can’t find a binary
distribution (win32) of OpenSSL on www.ope
I have a Linux Redhat 6.2 system running apache web server. I'm trying
to update my existing ssl implementation with openssl-0.9.6g. Existing
config was compiled from source tar.
When I type in "configure" I get:
Operating system: i586-whatever-linux2
This system (linux-elf) is not supported
28 matches
Mail list logo
