Re: openSSL 0.9.7a possible install error

2003-02-21 Thread David Schwartz
On Thu, 20 Feb 2003 10:53:49 +, Andrew Marlow wrote: >Yes, it's annoying that OpenSSL did this, but there it is. >OpenSSL 0.9.7 has this file in the source tree, it just doesn't >install it! Because this file is for OpenSSL internal use only. >OpenSSL 0.9.6 installs it properly, so I

Re:Multithreaded; how to abort during read?

2003-02-21 Thread David Schwartz
On Wed, 19 Feb 2003 22:49:03 +0900 (JST), [EMAIL PROTECTED] wrote: (B (B>I think, you must close socket, for finishing SSL_read(). (B>Ya..., It's not a "gentle" way. (B>Or, may be you can use non-blocking sockets. (B (BNO! Do not *ever* close a socket in one thread while it is bei

Certificate question

2003-02-21 Thread Slighter, Tim
Title: Certificate question Does anyone out there have detailed information on how one could accomplish the following: Create one OpenSSL certificate that functions as a SERVER Certificate and the Root CA at the same time? In other words, I go through the process of generating a newreq.pe

Re: Loading a stack of trusted CAs

2003-02-21 Thread Dr. Stephen Henson
On Fri, Feb 21, 2003, Austin Krauss wrote: > Hello all, I've used the PKCS12_parse( ) function to obtain a stack of CA >certificates from a PKCS12 buffer. Now I'd like to load these certificates as trusted >CAs in my SSL_CTX object. My first attempt at this goes something like: > > /* And add

Loading a stack of trusted CAs

2003-02-21 Thread Austin Krauss
Hello all, I've used the PKCS12_parse( ) function to obtain a stack of CA certificates from a PKCS12 buffer. Now I'd like to load these certificates as trusted CAs in my SSL_CTX object. My first attempt at this goes something like:     /* And add the CAs to our trusted stack */  cert_store =

Re: Defining arbitrary extensions

2003-02-21 Thread Dr. Stephen Henson
On Fri, Feb 21, 2003, Hadmut Danisch wrote: > On Fri, Feb 21, 2003 at 02:44:10PM +0100, Dr. Stephen Henson wrote: > > > in the first part (before any sections). Then add something like: > > [init_section] > > oid_section=asn1_oids > > [asn1_oids] > > whatever_oid=1.2.3.4 > > > > to then end of t

Re: Defining arbitrary extensions

2003-02-21 Thread Hadmut Danisch
On Fri, Feb 21, 2003 at 02:44:10PM +0100, Dr. Stephen Henson wrote: > in the first part (before any sections). Then add something like: > [init_section] > oid_section=asn1_oids > [asn1_oids] > whatever_oid=1.2.3.4 > > to then end of the config file. The objects added should then be visible to > a

Re: Defining arbitrary extensions

2003-02-21 Thread Dr. Stephen Henson
On Fri, Feb 21, 2003, Hadmut Danisch wrote: > Hi, > > I have a question about defining arbitrary extensions. > I want to generate certificates with a new extension, so > I defined something like > > [ OIDs ] > > kurz= 1.3.6.1.4.1.11009 > > > but it doesn't work as expected: > >

Defining arbitrary extensions

2003-02-21 Thread Hadmut Danisch
Hi, I have a question about defining arbitrary extensions. I want to generate certificates with a new extension, so I defined something like [ OIDs ] kurz= 1.3.6.1.4.1.11009 but it doesn't work as expected: - If I have an entry like kurz = "kurz" in an distinguish