Re: which SSL function

2003-07-16 Thread Lutz Jaenicke
On Wed, Jul 16, 2003 at 09:53:24PM -0400, Jue (Jacky) Shu wrote: > hi all, > > which SSL function can return peer's DNS or FQDN name, such as get client's name on > server side? There is no SSL_() function available. You have to retrieve the X.509 certificate presented and handle it using the X5

RE: serialNumber in subjectDN

2003-07-16 Thread Tomasz Śnieżyński
Thanks a lot Christian! Finaly it's working! Tomek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christian Hohnstaedt Sent: Wednesday, July 16, 2003 5:33 PM To: [EMAIL PROTECTED] Subject: Re: serialNumber in subjectDN add serialNumber to [ req_disting

RE: Signing a CSR from JetDirect

2003-07-16 Thread David Schwartz
> On Mon, Jul 14, 2003 at 11:35:01AM -0600, Bob DeBolt wrote: > > > It seems to me that it is in the best interest of the major > > > CAs to not offer wildcard certificates; that way, they can > > > charge their outrageous prices for each certificate that you > > > need, and when you happen to c

Re: Signing a CSR from JetDirect

2003-07-16 Thread Jason Haar
On Mon, Jul 14, 2003 at 11:35:01AM -0600, Bob DeBolt wrote: > > > It seems to me that it is in the best interest of the major > > CAs to not offer wildcard certificates; that way, they can > > charge their outrageous prices for each certificate that you > > need, and when you happen to change

which SSL function

2003-07-16 Thread Jue (Jacky) Shu
hi all, which SSL function can return peer's DNS or FQDN name, such as get client's name on server side? Thx a lot. Jacky ©zt’,úèç-†Ûiÿü0Š^žË%¢¸±êÒºšh®ÓŠX§€¸¬¶Š^žË%ºÇ«²Š^žË%¢¸ºÚ&jם.+-1©Úêæj:+v‰¨¢—§²Éh®

Re: agent for certificate request

2003-07-16 Thread Charles B Cranston
David Mattes wrote: actually, i want to have a program running on the client that generates the CSR and signs the request with a smartcard. i don't want the certificate tied to the private key on the smartcard, but the holder of the smartcard is authorized to request certificates, and no one e

Re: CRL problem

2003-07-16 Thread Dr. Stephen Henson
On Tue, Jul 15, 2003, Jue (Jacky) Shu wrote: > Thx austin, > i searched the mail-list and read the same thread. :-) > My problem still exists because no matter i use a revoked certificate on > client side or not, i get the same error if i enable crl check. so i > think there must be sth. wrong in