Re: binaries built with openssl 0.9.7b running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 19 Mar 2004 17:57:55 -0700, Joseph Bruni <[EMAIL PROTECTED]> said: brunij> If you build your application on OS X or Darwin, you'll run into the brunij> really nasty problem where the LinkEditor will bind your app to shared brunij> libraries even if you spe

Re: binaries built with openssl 0.9.7b running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Joseph Bruni
If you build your application on OS X or Darwin, you'll run into the really nasty problem where the LinkEditor will bind your app to shared libraries even if you specify static libraries. (I found this out the hard way.) Not fun. On Mar 19, 2004, at 9:52 AM, Mark Rowe wrote: Hi, Question If

Turning off MAC

2004-03-19 Thread Wong, Tak
Hi: I want to turn off the MAC for small packets. But all the algorithm suites that come with openssl-0.9.7c seem to run with either MD5 or SHA. Is there a way to configure it so that MAC is not used? Also, what is the default block size for the block ciphers and stream ciphers, res

Re: binaries built with openssl 0.9.7b running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 19 Mar 2004 10:52:21 -0600, Mark Rowe <[EMAIL PROTECTED]> said: rowe> If I build applications using a later version of rowe> openssl and run the compiled binaries on an rowe> operating system with earlier versions of openssl rowe> will there be any problems?

non-static apache (DSO) modules built with openssl 0.9.7d routines running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Mark Rowe
Question, If I build a non-static apache module binary as a Dynamic Shared Object (DSO) with apache 1.3.29 using functions from a later version of openssl and load the compiled binary (DSO) on an operating system running apache 1.3.29 with earlier versions of openssl will there be any problems? Ex

RE: MD5 signature for openssl-0.9.7d.tar.gz

2004-03-19 Thread Shea Janet B CRBE
Yes, it is, according to the announcement of 0.9.7d. You can always search the list archives. Find the list of archive sites at http://www.openssl.org/support/. Janet Shea -Original Message- From: Ellis Hardin, Jr [mailto:[EMAIL PROTECTED] Sent: Friday, March 1

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Dr. Stephen Henson
On Fri, Mar 19, 2004, Jeremy M. Guthrie wrote: > > openssl pkcs12 -in key.pem -out key.pkcs12 -export -certfile cert.pem > No certificate matches private key > There is actually no requirement in the PKCS#12 standard to include a matching certificate and private key. However most browsers at th

Re: Does OpenSSL support RFC 2437 (RSASSA-PKCS1-v1_5 & EMSA-PKCS1-v1_5)?

2004-03-19 Thread Earl Hood
On March 19, 2004 at 13:05, Brad Buckingham wrote: > I have a quick question regarding the OpenSSL (0.9.7c) > implementation for RSA signatures (e.g. RSA_sign). Does it comply > with RFC-2437 "PKCS #1: RSA Cryptography Specifications > Version 2"? > > Specifically, does it support RSASSA-PKCS1-v1_

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Mike Gagnon
ok, that probably means that the key and cert you are using are not related. You need to create a certificate with your key and use *that* certificate with it. (They must match - and that's what I mean by match - the key "creates" the certificate)... Look at the docs for how to generate a cert

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Jeremy M. Guthrie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 openssl pkcs12 -in key.pem -out key.pkcs12 -export -certfile cert.pem No certificate matches private key On Friday 19 March 2004 12:19 pm, Mike Gagnon wrote: > I haven't tried that, but I think that might work. The easiest way is to > use the certfi

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Mike Gagnon
I haven't tried that, but I think that might work. The easiest way is to use the certfile option like Amar said... Mike -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 so is the idea then that I 'cat key.pem cert.pem > key+cert.pem' and run openssl against key+cert.pem? On Friday 19 March 2004

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Jeremy M. Guthrie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 so is the idea then that I 'cat key.pem cert.pem > key+cert.pem' and run openssl against key+cert.pem? On Friday 19 March 2004 11:55 am, Mike Gagnon wrote: > You can't place a key without its certificate into a PKCS12. You need > both - they are cou

Does OpenSSL support RFC 2437 (RSASSA-PKCS1-v1_5 & EMSA-PKCS1-v1_5)?

2004-03-19 Thread Brad Buckingham
I have a quick question regarding the OpenSSL (0.9.7c) implementation for RSA signatures (e.g. RSA_sign). Does it comply with RFC-2437 "PKCS #1: RSA Cryptography Specifications Version 2"? Specifically, does it support RSASSA-PKCS1-v1_5 (Ch8) and EMSA-PKCS1-v1_5 (Ch9)? Thanks in advance for your res

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Amar Desai
Jeremy M. Guthrie wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 and what if the file does not contain a certificate in it? Just a key? Then you can use -certfile f option. The file you specify using the certfile option must contain the certificate. Regards, Amar On Friday 19 March 200

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Mike Gagnon
You can't place a key without its certificate into a PKCS12. You need both - they are coupled together in this type of file. You can even store certificates that were not created with the supplied key, but at least one of the certificates must "match" the supplied key.. Mike -BEGIN PGP

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Jeremy M. Guthrie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 and what if the file does not contain a certificate in it? Just a key? On Friday 19 March 2004 11:31 am, Amar Desai wrote: > Jeremy M. Guthrie wrote: > >-BEGIN PGP SIGNED MESSAGE- > >Hash: SHA1 > > > >I've tried the following and I always get

Re: Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Amar Desai
Jeremy M. Guthrie wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've tried the following and I always get "No certificate matches private key". openssl pkcs12 -in key.pem -out key.pkcs12 -export It should work fine if your "key.pem" contains a valid key and matching certificate. The er

Trying to convert .pem -key only- to .pkcs12 file.

2004-03-19 Thread Jeremy M. Guthrie
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've tried the following and I always get "No certificate matches private key". openssl pkcs12 -in key.pem -out key.pkcs12 -export openssl pkcs12 -in key.pem -out key.pkcs12 -export -nocerts openssl pkcs12 -export -in key.pem -inkey key.pem -out key.p

Re: binaries built with openssl 0.9.7b running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Amar Desai
Question If I build applications using a later version of openssl and run the compiled binaries on an operating system with earlier versions of openssl will there be any problems? Example: I build applications using openssl 0.9.7b on linux redhat version 7.2 with kernel 2.4.7 and gnu gcc 2.96 and

MD5 signature for openssl-0.9.7d.tar.gz

2004-03-19 Thread Ellis Hardin, Jr
Hello, Sorry if this has been posted already, but I just subscribed to this list. Is 1b49e90fc8a75c3a507c0a624529aca5 the correct MD5 signature for openssl-0.9.7d.tar.gz? -- -- Ellis Hardin <[EMAIL PROTECTED]> -- Unix Systems Analyst -- University of New Orlea

binaries built with openssl 0.9.7b running on openssl 0.9.6b or 0.9.6g

2004-03-19 Thread Mark Rowe
Hi, Question If I build applications using a later version of openssl and run the compiled binaries on an operating system with earlier versions of openssl will there be any problems? Example: I build applications using openssl 0.9.7b on linux redhat version 7.2 with kernel 2.4.7 and gnu gcc 2.96

Re: EBCDIC translation missing

2004-03-19 Thread Evan Jennings
I received a patch from Richard Könning and I was able to apply it. However, at the same time I'm trying to get SSL 0.9.7 working, we installed a new compiler version which seems to have messed up SSL for other reasons. If I have any further problems with SSL (that I can pin on SSL), I'll let y

How can i connect from a LinuxClient with open_ssl and ldap to an Windows 2000 Domain??

2004-03-19 Thread Kai Sauerland
Hello, we use a ldap Connection from LinuxClients to our Win 2000 Domain, it works fine. But we want to use a LDAP-Connection with open_ssl to our Win 2000 Domain. It doesn't work. The SSL Port 636 on the Windows-Server is open, we tested that with the MS-Tool „lpd.exe“. I think we need a signi

Re: PEM_read_bio_PKCS8_PRIV_KEY_INFO What this function does ?

2004-03-19 Thread Dr. Stephen Henson
On Fri, Mar 19, 2004, murugesandins wrote: > Hello all > somehow (from gdb ) I got the definition for the function > > Bio *bp, > PKCS8_PRIV_KEY_INFO *pkcs8; > int num; > > PEM_read_bio_PKCS8_PRIV_KEY_INFO(bp,&pkcs8,&num, "test"); > > > bp can be set to BIO_new_file("pkcs8","r") > > w

RE: New CA index subfiles (.attr, .attr.new, .attr.old, .new)

2004-03-19 Thread Steven Reddie
Hi Richard, Thanks for your help. I hope I'm not leading you down the garden path. I've debugged a bit further and it seems that the rename in rotate_index is not occurring even though rename() is not returning an error. This is on Windows, and running the commands from a shell script under Cygwi

PEM_read_bio_PKCS8_PRIV_KEY_INFO What this function does ?

2004-03-19 Thread murugesandins
Hello all somehow (from gdb ) I got the definition for the function Bio *bp, PKCS8_PRIV_KEY_INFO *pkcs8; int num; PEM_read_bio_PKCS8_PRIV_KEY_INFO(bp,&pkcs8,&num, "test"); bp can be set to BIO_new_file("pkcs8","r") where pkcs8 is generated by the command openssl pkcs8 -passout pass:p

Re: RSA Key Uniqueness

2004-03-19 Thread Andrew Walrond
Hi Andrew It was a good job I asked the question I think. Gerrit and yourself have caused me to sit down and learn a lot more about cryptography than I had intended, but it has been very useful. On Friday 19 Mar 2004 01:01, Andrew Mann wrote: > I don't see that you should be using public