Re: Combine certificates into chain

2002-11-24 Thread Karl-Michael Werzowa
Yes, this we use as well. Using LDAP for the authentication, including certs, allows you to forget the CRL stuff, if you need it for authentication on a server or portal. And, compared to CRLs, it is much more real time. On 2002-11-25 at 7:53, "Jimi Thompson" wrote at <[EMAIL PROTECTED]>: ... >

is SSL_CTX_new() thread safe (on win32) ?

2002-11-24 Thread Louis Solomon [SteelBytes]
When running this test program I wrote, I _sometimes_ get an error returned by SSL_CTX_new(). The error msg is: "SSL routines:SSL_CTX_new:library has no ciphers" Louis Solomon [EMAIL PROTECTED] source and binaries of test program avail from: http://www.steeelbytes.com/temp/openssl_bug_test.zi

PLEASE HELP - Porting to TRU 64.

2002-11-24 Thread J
Hi Everyone, On Tru64, while using the des_key_schedule structures for the private session key encryption using a public key (of type RSA pub key), is there anything different I have to code as opposed to the other machines? While I was debugging, the des_key_schedule structures size returned two

RE: Combine certificates into chain

2002-11-24 Thread Jimi Thompson
On Sun, Nov 24, 2002 at 09:29:09PM -0800, Jimi Thompson wrote: > It is also interesting to note that for practical purposes Certificate > Revocation Lists are invalid. While they do exist and are part of the > standard, very few applications are written to take advantage of them. Once > a certific

Re: Combine certificates into chain

2002-11-24 Thread Jason Haar
On Sun, Nov 24, 2002 at 09:29:09PM -0800, Jimi Thompson wrote: > It is also interesting to note that for practical purposes Certificate > Revocation Lists are invalid. While they do exist and are part of the > standard, very few applications are written to take advantage of them. Once > a certifi

RE: Combine certificates into chain

2002-11-24 Thread Jimi Thompson
So Microsoft, trying to be "clever" again, seems to have fooled me into thinking the chain could be in the file, whereas now I know it isn't in my example file and I suspect it can never be. If anyone can confirm this, I'd be interested. Sebastian, This is indeed the case. The

Re: Converting own CA certificate to pkcs12

2002-11-24 Thread Chris Jarshant
- Original Message - From: "Vadim Fedukovich" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, November 24, 2002 12:46 PM Subject: Re: Converting own CA certificate to pkcs12 > On Fri, Nov 22, 2002 at 01:50:37PM -0500, Chris Jarshant wrote: > > You can't convert a public key ce

Re: engines and keys

2002-11-24 Thread Jonathan Hersch
--- Geoff Thorpe <[EMAIL PROTECTED]> wrote: > The ENGINE is a sort of container for implementations of the various > ***_METHOD implementations, and the "method" tables have always worked > this way too. Ie. upon creation, a structure is linked to a function > table that handles processing. In

Re: Converting own CA certificate to pkcs12

2002-11-24 Thread Vadim Fedukovich
On Fri, Nov 22, 2002 at 01:50:37PM -0500, Chris Jarshant wrote: > You can't convert a public key certificate into a PKCS12 file - > the openssl pkcs12 routine *requires* a private key to be in such > a file along with the public key, which you cannot have (CAs don't > give out their private keys).

Re: Combine certificates into chain

2002-11-24 Thread Sebastian Lisken
Well, I think I've figured it out by myself now. I found and read some information about the way Windows verifies certificates (trying to build a certificate chain with the certificates from its "trusted" store(s), assigning preference values to the chains found, and such). It

Re: Combine certificates into chain

2002-11-24 Thread Sebastian Lisken
> I'm curious. You say your CA gave you a PKCS12 file with > a cert in it, *and* a private key in it? Whose private key > did they give you? If it's yours, then you've just opened a huge security > hole by allowing them access to your private key. If it's someone > else's, can you send it to m

Re: IMPORTANT: The release of 0.9.6h is postponed

2002-11-24 Thread Jeffrey Altman
> In message <[EMAIL PROTECTED]> on Sat, 23 Nov 2002 13:36:43 >-0500, Geoff Thorpe <[EMAIL PROTECTED]> said: > > geoff> But then we already knew that - Peter Gutmann had pointed out in the past > geoff> that a single write of zeroes to disk or memory doesn't protect against > geoff> the previou

Re: IMPORTANT: The release of 0.9.6h is postponed

2002-11-24 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Sat, 23 Nov 2002 13:36:43 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> But then we already knew that - Peter Gutmann had pointed out in the past geoff> that a single write of zeroes to disk or memory doesn't protect against geoff> the previous values be