RFC2459 was obsoleted by RFC3280 - so just read this one.
Regards, Jochen.
> This is a general problem with the ISO documentation. The IETF
> response was to generate a "profile" of X.509 for use in the
> Internet; this document was also designed to give readers enough
> information to skip rea
This is a general problem with the ISO documentation. The IETF
response was to generate a "profile" of X.509 for use in the
Internet; this document was also designed to give readers enough
information to skip reading the ISO document itself.
Suggest you read this document:
Internet X.509 Public
on 10/29/02 11:44 AM, [EMAIL PROTECTED] purportedly said:
> I've just found another post on the ml archives
> concerning my problem, but didn't find any reply, so:
>
> root@hwsx:~/.cpan/build/Crypt-SSLeay-0.45# make test
>
> PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib
> -I/usr/lib/per
Hi,
There is reference to ISO 15782-2 standard in the X.509 and X9.68
documentation. This standard describes certificate verification
process. I try to find this document, but meet only payd links. The
price of 122 CHF is so expencive. Can anybody help me with this
document?
--
Andrew
__
Howard,
My understanding is that there is no implied
relationship between the request and response signing certificates and any
certificates being verified. The
request and response certificates just need to be verifiable on their own by
the recipient. That assures that
the request o
Mike...
In the log you send shows:
-The countryName field needed to be the same in the
-CA certificate (AU) and the request (US)
that's mean that you have in your configuration file (openssl.cnf)
a sentence that don't let that the CA authority be from another country
that the country of the clie
On Wed, Oct 30, 2002, Joerg Bartholdt wrote about "Re: SUN Crypto Accelerator +
OpenSSL":
> Edward Chan wrote:
>
> > Hmm, so does that mean with the SUN Crypto Accelerator
> > 1000 card, we would specify "ubsec" when initializing
> > the engine?
>
> I tried
>
> openssl speed -engine ubsec
>
>
Edward Chan wrote:
> Hmm, so does that mean with the SUN Crypto Accelerator
> 1000 card, we would specify "ubsec" when initializing
> the engine?
I tried
openssl speed -engine ubsec
but it complained as with any other engine id:
can't use that engine
4683:error:25067066:DSO support routines:DL
Hi everybody,
OpenSSL 0.9.7b3 tells me "error=24 (invalid CA certificate)" in the
verify_callback when I use a certificate chain where the CAs are X509
version 1 (i.e. they are missing the X509v3 extension that says that
the CA certificate is good for signing other public keys).
I checked the c
Hi
your should check openssl.cnf file find policy section and change your
countryName = match to something like this "supplied or optional" depends on
policy
Anton
-Original Message-
From: MikeCC [mailto:mikecc@;atrek.org]
Sent: Wednesday, October 30, 2002 07:02
To: [EMAIL PROTECTED]
Subjec
Hello,
I am trying to create a signed client certificate, but when I execute the
command
openssl ca -in req.pem -out newcert.pem
The newcert.pem file is created but it is created as an empty file.
Here is what I see on the display:
/openssl-engine-0.9.6g/apps > openssl ca -in req.pem -out new
11 matches
Mail list logo
