Re: SSL connection handshake and ENGINE

2003-07-22 Thread Michiels Olivier
Well, it's my own ENGINE not one provided by OpenSSL. BTW, the private key is a software private key, so I guess something is wrong with my ENGINE or the way I use the software private key. Olivier On Fri, 2003-07-18 at 18:26, Dr. Stephen Henson wrote: On Fri, Jul 18, 2003, Michiels Olivier w

RE: FQDN

2003-07-22 Thread David Schwartz
> Thank you, David and Steve. > Yes, it will be a big problem if someone spoofs DNS, > but it can prevent man-in-the-middle to some extent. No, it cannot. > If the DNS is sabotaged, what can we do? > What should I believe? :-) You should ignore the DNS entirely. If you receive a

[HOWTO] Use Open SSL Cert in IIS

2003-07-22 Thread Derek Chew En-Hock
Hello Everyone, just wanted to contribute a short HOWTO as I have been spending the last few days reading google groups, the openssl HOWTOs and didn't really find a good one that teaches you how to get it done... any comments appreciated! anyway, great work OpenSSL team! How to use OpenSSL to ac

Client certs

2003-07-22 Thread theoharis tsenis
Hi, I am trying to use openssl under mysql. I finally compiled everything and they look OK. On the PC of the mysql-server I created a signed-certificate for the server and a signed-certificate for a client. When I connect to the mysql from the console of the PC everything works fine. But when

Seeding the random number generator

2003-07-22 Thread Mateus
Hi, I'd like to know how I can seed the random number generator as the man page of RSA_public_encrypt asks to do. Sorry if my question is too basic, but it has not been easy to find an answer by myself. Mateus.

Re: Is X509_check_issued too strict?

2003-07-22 Thread Dr. Stephen Henson
On Tue, Jul 22, 2003, Julio Sanchez Fernandez wrote: > I was experimenting with replacing certificates and I found it is harder > than it seems. > > I replaced a self-signed certificate with a new one (changing a couple > of extensions, such as CRL distribution points, etc.) and now the > subordi

Re: 0.9.7.b test failure on w2k using DLL's

2003-07-22 Thread Edgar Villanueva
openssl-0.9.7-stable-SNAP-20030722 snapshot successfully passes the tests. Is it generally safe to use the stable snapshots? I ask since I am not sure they are as well tested as a release? Thanks Dr. Stephen Henson wrote: On Tue, Jul 22, 2003, Edgar Villanueva wrote: The test below fails

Re: 0.9.7.b test failure on w2k using DLL's

2003-07-22 Thread Dr. Stephen Henson
On Tue, Jul 22, 2003, Edgar Villanueva wrote: > openssl-0.9.7-stable-SNAP-20030722 snapshot successfully passes the tests. > > Is it generally safe to use the stable snapshots? I ask since I am not > sure they are as well tested as a release? > Well stable snapshots normal

Re: 0.9.7.b test failure on w2k using DLL's

2003-07-22 Thread Edgar Villanueva
openssl-0.9.7-stable-SNAP-20030722 snapshot successfully passes the tests. Is it generally safe to use the stable snapshots? I ask since I am not sure they are as well tested as a release? Thanks Dr. Stephen Henson wrote: On Tue, Jul 22, 2003, Edgar Villanueva wrote: The test below fails

RE: malloc SEGV during ssl3_shutdown processing

2003-07-22 Thread Vic Abell
This SEGV in realfree() was caused by a bug in our custom OpenLDAP back end. The bad code caused a malloc'd pointer to be freed twice. Sorry for the noise in openssl-users. Vic Abell > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Vic Abell > Sent: M

Is X509_check_issued too strict?

2003-07-22 Thread Julio Sanchez Fernandez
I was experimenting with replacing certificates and I found it is harder than it seems. I replaced a self-signed certificate with a new one (changing a couple of extensions, such as CRL distribution points, etc.) and now the subordinate CAs do not verify correctly against the new root certificate.

Re: 0.9.7.b test failure on w2k using DLL's

2003-07-22 Thread Dr. Stephen Henson
On Tue, Jul 22, 2003, Edgar Villanueva wrote: > The test below fails on W2k using dlls. Always in the same place with > the following message from the os. > The instruction at "0x0028b7cc" refereced memory at "0x911a0e50". The > memory could not be "read". > > The test is successful when using

0.9.7.b test failure on w2k using DLL's

2003-07-22 Thread Edgar Villanueva
The test below fails on W2k using dlls. Always in the same place with the following message from the os. The instruction at "0x0028b7cc" refereced memory at "0x911a0e50". The memory could not be "read". The test is successful when using the static libs. Let me know if there is any useful inform

Re: FQDN

2003-07-22 Thread Rich Salz
Yes, it will be a big problem if someone spoofs DNS, but it can prevent man-in-the-middle to some extent. If the DNS is sabotaged, what can we do? What should I believe? :-) The point is that if you trust the user -- you should, after all you are doing what they requested you to do -- then you don'

Re: wrong number of fields on line 1

2003-07-22 Thread michael portmann
thx, you're right - the index file was not empty, there was one space character inside. - Original Message - From: "Dr. Stephen Henson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 22, 2003 3:46 PM Subject: Re: wrong number of fields on line 1 > On Tue, Jul 22, 2003, mi

Re: wrong number of fields on line 1

2003-07-22 Thread Dr. Stephen Henson
On Tue, Jul 22, 2003, michael portmann wrote: > Hi > > I created a new config file. now I get the following error message > Using configuration from xxx.cfg > "wrong number of fields on line 1 (looking for field 6, got 1, '' left)". > > I tried this configuration also on windows and it worked fi

wrong number of fields on line 1

2003-07-22 Thread michael portmann
Hi I created a new config file. now I get the following error message Using configuration from xxx.cfg "wrong number of fields on line 1 (looking for field 6, got 1, '' left)". I tried this configuration also on windows and it worked fine, the error occurs only on mandrake linux. I'm running Open

Re: FQDN

2003-07-22 Thread Dr. Stephen Henson
On Tue, Jul 22, 2003, Jue (Jacky) Shu wrote: > Thank you, David and Steve. > Yes, it will be a big problem if someone spoofs DNS, > but it can prevent man-in-the-middle to some extent. If an attacker can do MITM they can readily spoof DNS as well. > If the DNS is sabotaged, what can we do? > Wha