Re: Mac users bypass SSL

2004-09-24 Thread kloomis
At 03:54 PM 9/24/2004 -0700, you wrote: kloomis wrote: At 11:31 PM 9/23/2004 -0700, you wrote: kloomis wrote: Hello: I am using SSL with Apache 2.0 to run a "secure" website.  The problem I have is that Mac users using Internet Explorer open the site without encryption.  They access it via an http

Re: Mac users bypass SSL

2004-09-24 Thread David Schwartz
kloomis wrote: At 11:31 PM 9/23/2004 -0700, you wrote: kloomis wrote: Hello: I am using SSL with Apache 2.0 to run a "secure" website. The problem I have is that Mac users using Internet Explorer open the site without encryption. They access it via an https:\\ address but they don't get aske

Re: Generating a Random Nonce Identifier.

2004-09-24 Thread Layla
Hi Richard, You're absolutely right, Nb-1 is sent during the last message from Client B to A. I have considered the options you specified regarding the generations of the random number based on the size which resulted in the following code: unsigned char rnd[4]; RAND_pseudo_bytes(rnd, sizeof(rnd));

Eric F Hirt/Alexandria/JJMA is out of the office.

2004-09-24 Thread EHirt
I will be out of the office starting 09/24/2004 and will not return until 09/27/2004. I will be checking my e-mail periodically while I am away. However, I may not be able to respond to you until I return. If this is an emergency, please contact either Jennifer Gibson ([EMAIL PROTECTED]) o

SSL Client Authentication using p12 File

2004-09-24 Thread Kushal Shah
Hi, I have a p12 file that I need to use for authenticating myself as a client to access a secured site. I am talking about Trans Union site. Has anyone done anything in this area? How can this be done? Regards, Kushal.

RE: Mac users bypass SSL

2004-09-24 Thread Goehring, Chuck, RCI - San Diego
Ken,   Unfortunately, it can be a lengthy process but better than it was with Apache 1.x.  There are docs with the source distribution of Apache.  You will probably need to build it to get a version with ssl enabled.  Below are a few of the things you will need in your http.conf or an includ

RE: Mac users bypass SSL

2004-09-24 Thread kloomis
At 06:57 AM 9/24/2004 -0700, you wrote: Ken, If your server is set up correctly, it won't communicate in any mode other than ssl using the port you assigned. How the browser behaves is controlled by the plethora of settings in the browser and the browser brand. On the public web, it may not alwa

Re: Mac users bypass SSL

2004-09-24 Thread kloomis
At 11:31 PM 9/23/2004 -0700, you wrote: kloomis wrote: Hello: I am using SSL with Apache 2.0 to run a "secure" website.  The problem I have is that Mac users using Internet Explorer open the site without encryption.  They access it via an https:\\ address but they don't get asked to accept a secur

OpenSSL on USB Stick

2004-09-24 Thread Gerwin Beran
Hello! I'm new to the list as I wanted to ask if it is possible to install OpenSSL on a USB Stick so that it can be used on different PCs. I'm using OpenSSL together with InScribe (www.memecode.com) to receive and send my messages with SSL encryption and I carry my mails on a USB Stick as I us

Re: Mac users bypass SSL

2004-09-24 Thread David Schwartz
Peter O Sigurdson wrote: One reason I can think of is that if you wanted to PREVENT anyone WITHOUT the certificate from accessing your site. That is, you could mail out diskettes with the cert file to use as a perimeter defense. No, I meant a technical reason. You can argue that your computer sh

Re: domain components in certificate dn?

2004-09-24 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 13:56:25 +0200, Gerd Schering <[EMAIL PROTECTED]> said: Schering> Richard Levitte - VMS Whacker wrote: Schering> > In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 11:29:23 +0200, Gerd Schering <[EMAIL PROTECTED]> said: Schering> > Schering>

Re: domain components in certificate dn?

2004-09-24 Thread Charles B Cranston
Gerd Schering wrote: Richard Levitte - VMS Whacker wrote: In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 11:29:23 +0200, Gerd Schering <[EMAIL PROTECTED]> said: Schering> is it possible to use domain name components - as in ldap - Schering> for the certificate dn, i.e. something like Scherin

Re: Question about openssl genrsa

2004-09-24 Thread Charles B Cranston
Joppe Bos wrote: Hello everyone, I am fairly new with openssl and am trying to write a function which can make a public / private key pair with GMP (an open source big number library). I am doing this to compare the running time with openssl. I have a few questions regarding the openssl genrsa c

RE: Mac users bypass SSL

2004-09-24 Thread Goehring, Chuck, RCI - San Diego
Ken, If your server is set up correctly, it won't communicate in any mode other than ssl using the port you assigned. How the browser behaves is controlled by the plethora of settings in the browser and the browser brand. On the public web, it may not always be a browser that connects. Crawler

Re: Mac users bypass SSL

2004-09-24 Thread Peter O Sigurdson
One reason I can think of is that if you wanted to PREVENT anyone WITHOUT the certificate from accessing your site. That is, you could mail out diskettes with the cert file to use as a perimeter defense. David Schwartz <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 09/24/2004 02:31 AM Pleas

Creating html from pod files on Windows

2004-09-24 Thread David C. Partridge
I'm trying to build the html files for the docs from the pod files using pod2html. The html files are getting built, but the links don't work between them and I get lots of messages like: C:\Perl\bin/pod2html.bat: C:\openssl-0.9.7d\doc\ssl\SSL_CTX_set_ssl_version.pod: cannot resolve L in paragrap

AIX 4.3 Openssl 9.7d - SSL_accept fails; empty error queue

2004-09-24 Thread d . mclellan
Hi: I am using openssl 0.9.7d on AIX 4.3 32-bit libraries.  I have good certificates:  at least openssl verify command tells me the server cert and the root that signed it are good. SSL_accept fails with -1, SSL_get_error says SSL_ERROR_SSL, but the error queue is empty.  Without more detailed hi

Question about openssl genrsa

2004-09-24 Thread Joppe Bos
Hello everyone, I am fairly new with openssl and am trying to write a function which can make a public / private key pair with GMP (an open source big number library). I am doing this to compare the running time with openssl. I have a few questions regarding the openssl genrsa command: - What

Re: domain components in certificate dn?

2004-09-24 Thread Gerd Schering
Richard Levitte - VMS Whacker wrote: In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 11:29:23 +0200, Gerd Schering <[EMAIL PROTECTED]> said: Schering> is it possible to use domain name components - as in ldap - Schering> for the certificate dn, i.e. something like Schering> dc=mycompany,dc=com

RE: PKI - CA Cross-Cerificate with OpenSSL?

2004-09-24 Thread David C. Partridge
Richard Levitte said: >Note that, as long as you only have applications that really know how >to handle multiple verification paths, then you can throw all kinds of >certificates at them without worrying. Unfortunately, that's not a >reality yet. Richard, is there any useful guidance you can po

Re: PKI - CA Cross-Cerificate with OpenSSL?

2004-09-24 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 12:55:37 +0200 (CEST), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: richard> Why on earth should all users need to have both cross certificates? richard> And if they have CA0c1 as a point of trust, why on earth would they richard> need

Re: PKI - CA Cross-Cerificate with OpenSSL?

2004-09-24 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 14:22:06 +0400, Toxa <[EMAIL PROTECTED]> said: postfix> > All the arrows shows what the cerificates can verify. It should be postfix> > easy to see that any path going down from CA0 is impossible, because postfix> > there's nothing that can veri

Re: domain components in certificate dn?

2004-09-24 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Fri, 24 Sep 2004 11:29:23 +0200, Gerd Schering <[EMAIL PROTECTED]> said: Schering> is it possible to use domain name components - as in ldap - Schering> for the certificate dn, i.e. something like Schering> dc=mycompany,dc=com instead of the C=US,... staff? Abso

Re: PKI - CA Cross-Cerificate with OpenSSL?

2004-09-24 Thread Toxa
On Thu, Sep 23, 2004 at 11:46:20PM +0200, Richard Levitte - VMS Whacker wrote: > postfix> they should import new CA1c2 for now. CA1c1 may be slightly > postfix> dropped. > (you mean "silently" rather than "slightly", right?) Oh, yes, I mean "easily, without any care". According to the dictionary,

Re: [openssl] How to answer Y(es) automatically without typing a key in signing

2004-09-24 Thread Peter Sylvester
You may change the config file and use Organisation_value = some instead of Organisation_default = some etc. > > Dan Mahoney, System Admin wrote: > > > On Fri, 24 Sep 2004, sam wrote: > > > >> Hi, > >> > >> When signing a cert request, how to instruct openssl to answer y(es) >

domain components in certificate dn?

2004-09-24 Thread Gerd Schering
Hi, is it possible to use domain name components - as in ldap - for the certificate dn, i.e. something like dc=mycompany,dc=com instead of the C=US,... staff? Gerd -- -- -- Gerd Schering, Email: [EMAIL PROTECTED] --