Re: key file creation from known hex keys

2004-11-08 Thread Dr. Stephen Henson
On Mon, Nov 08, 2004, Sundar Raman wrote: > This is probably a pretty basic question, but i'm new to encryption and > openssl, so please forgive the fact that it's probably stupid. > > I've got known private and public rsa keys in hex format, including all > the parameters (n, p, q, etc.). I know

Re: I have OIDs, I have extension, x509 only sees OIDS

2004-11-08 Thread Dr. Stephen Henson
On Mon, Nov 08, 2004, ray v wrote: > Ok second day to experiment with OIDs. I found our > company registered OIDs. I use them like so.. > > oid_section = company_oids > > [company_oids] > val1 = 1.3.6.1.4.1.9.50 > val2 = 1.3.6.1.4.1.9.51 > val3 = 1.3.6.1.4.1.9.52 > > So when I make

Re: key file creation from known hex keys

2004-11-08 Thread Ng Pheng Siong
On Mon, Nov 08, 2004 at 04:27:14PM -0600, Sundar Raman wrote: > I've got known private and public rsa keys in hex format, including all > the parameters (n, p, q, etc.). I know that i can use genrsa to generate > keys into a .pem file that can subsequently be passed to enc to > encrypted some data.

I have OIDs, I have extension, x509 only sees OIDS

2004-11-08 Thread ray v
Ok second day to experiment with OIDs. I found our company registered OIDs. I use them like so.. oid_section = company_oids [company_oids] val1 = 1.3.6.1.4.1.9.50 val2 = 1.3.6.1.4.1.9.51 val3 = 1.3.6.1.4.1.9.52 So when I make certificates everything goes well no errors. However when

Re: 2 certs on one machine

2004-11-08 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Mon, 08 Nov 2004 12:49:58 -0500, Charles B Cranston <[EMAIL PROTECTED]> said: zben> I guess my comments were kind of conditioned on the certificate zben> being for HTTPS, however, the underlying problem occurs in all zben> SSL transfers: when multiple domain name

key file creation from known hex keys

2004-11-08 Thread Sundar Raman
This is probably a pretty basic question, but i'm new to encryption and openssl, so please forgive the fact that it's probably stupid. I've got known private and public rsa keys in hex format, including all the parameters (n, p, q, etc.). I know that i can use genrsa to generate keys into a .pem fi

RE: PKCS12 password >=32 chars interop issue with Microsoft cert stores?

2004-11-08 Thread Deane Sloan
Hi Stephen, A quick run under Netscape 4.74 (all I had around I'm sorry) shows a similar problem with longer passwords - pkcs12 export from MS (regardless of "Enable strong protection" option) or Netscape with long password won't import into the other. I'll test with the newer Mozilla variants -

questions about custom extensions?

2004-11-08 Thread ray v
Hi All, I've searched/read through much of the openssl-users group and documents provided by openssl.org. I'm still fuzzy about how to accomplish my task, maybe someone can help out. First off I'm not a coder, I can hack some, if it's very simple stuff. I wish to add three custom fields for tracki

Re: PKCS12 password >=32 chars interop issue with Microsoft cert stores?

2004-11-08 Thread Dr. Stephen Henson
On Mon, Nov 08, 2004, Deane Sloan wrote: > Hi, > > We are using the OpenSSL PKCS#12 features for creating files for import > to/from the Microsoft user stores - using PKCS12_parse and PKCS12_create ( > nid_key=NID_pbe_WithSHA1And3_Key_TripleDES_CBC, > nid_cert=NID_pbe_WithSHA1And40BitRC2_CBC, ite

RE: PKCS12 password >=32 chars interop issue with Microsoft cert stores?

2004-11-08 Thread Deane Sloan
Hi, To put some context on the below - the PKCS12 password interop issue cannot be resolved by limiting the password input to 32 characters (not counting the terminating NULL) external to the OpenSSL API - as the password string's null is counted as an additional (Unicode) character for the purpo

Re: ocsp cert validation

2004-11-08 Thread Dr. Stephen Henson
On Mon, Nov 08, 2004, Thilo Stäbler wrote: > hi! > i would like to know, why I need an issuer certificate when querying an > ocsp server for certificate validation? Because the query format in the OCSP standards requires three pieces of information: 1. The hash of the issuer name in the certific

problems building ssl on Solaris

2004-11-08 Thread Doryce Moore
I am trying to configure and make ssl 0.9.7e on a Solaris OS. The configure script finishes just fine but if I pause after it is done, then I am logged out of my window to the server. If I do a type ahead, then I can finish the configure and the make but once I stop, then I get automatically log

Re: 2 certs on one machine

2004-11-08 Thread Charles B Cranston
I guess my comments were kind of conditioned on the certificate being for HTTPS, however, the underlying problem occurs in all SSL transfers: when multiple domain names resolve to the same IP address there is no way for a server to know which of the certificates to present, and since the negotiatio

ocsp cert validation

2004-11-08 Thread Thilo Stäbler
hi! i would like to know, why I need an issuer certificate when querying an ocsp server for certificate validation? Wouldn't it be enough to know the ocsp server of the issuer to check the certificate with? thanks in advance thilo

Re: stumped

2004-11-08 Thread Ng Pheng Siong
On Mon, Nov 08, 2004 at 02:53:40PM +, Ronan wrote: > Binding to server hostname:636 > as the DN CN=administrator,CN=Users,DC=rtest,DC=qub,DC=ac,DC=uk ... > ldap_simple_bind_s: Can't contact LDAP server Several things to try: - RTFM/UTFS/ATFG to find out what "Can't contact LDAP server" means

Re: 2 certs on one machine

2004-11-08 Thread Charles B Cranston
I think the complication is that he's going to have to use the virtual hosts stuff so that the correct certificate can be returned to each connection, and that this means he's going to have to have two different IP addresses, since there will be no way to determine WHICH certificate to send. This i

stumped

2004-11-08 Thread Ronan
Hi i have the following ldap code which, using ssl attempts to bind to a server. === start code === if (ldapssl_clientauth_init( "./cert7.db", NULL, 0, NULL, NULL) < -1){ perror( "ldap_clientauth_init" ); return( 1 ); } /*if (ldapssl_client_init( "./cert

PKCS12 password >=32 chars interop issue with Microsoft cert stores?

2004-11-08 Thread Deane Sloan
Hi, We are using the OpenSSL PKCS#12 features for creating files for import to/from the Microsoft user stores - using PKCS12_parse and PKCS12_create ( nid_key=NID_pbe_WithSHA1And3_Key_TripleDES_CBC, nid_cert=NID_pbe_WithSHA1And40BitRC2_CBC, iter=2000, mac_iter=2000, keytype=0). Our tests have unc

Re: [pnthieu@tma.com.vn: How to use OpenSSL with PERL?]

2004-11-08 Thread Jean-Luc Pinardon
Hello, Well, I don't know where is your problem, (perhaps some additional explanations should be welcome ;)), but if you try to build a client, you should: Export your certificate(s) as a .pem or pkcs12 file. Copy it onto your certs directory and run the openssl c_rehash utility to create a "has

Re: pkcs12 signing

2004-11-08 Thread Ronan
ok i have an ldap client that i need to use ssl with its going to connect to an Active directory server on a win2000 box so i generated a key then a csr then signed the csr with my domains root CA now i have a certificate on a linux box and i want to install it onto the windows box do i not change

[pnthieu@tma.com.vn: How to use OpenSSL with PERL?]

2004-11-08 Thread Lutz Jaenicke
Forwarded to the openssl-users list. Best regards, Lutz - Forwarded message from Phan Nguyen Trung Hieu <[EMAIL PROTECTED]> -

Re: OpenSSL as part of OpenSA using Windows 2000

2004-11-08 Thread Mike Hart
Hi Thomas I have the OpenSSL dlls in c:\opensa\openssl\bin they are libeay32.dll and ssleay32.dll, there is only one other file in this dir - Openssl.exe. I notice though when I installed Win32OpenSSL it copied the above dlls to c:\windows\system32 and it also copies a third dll libssl32.dll.