Title: Message
slapd.conf
TLSCertificateFile
/etc/openldap/cert.pemTLSCertificateKeyFile
/etc/openldap/key.pem
ldap.conf
TLS_CACERT
/etc/openldap/cert.pem
command
[EMAIL PROTECTED] tameem]# openssl s_client -connect
localhost:389 -CAfile /etc/openldap/cert.pem -key /e
Hello all,
I am working with a client and they do not support certificate based sign-on rather they support password authentication using SSH. I installed openSSH and tried connecting and here is what I received as an error:
How do I solve this problem while still using an automated file trans
On 11/24/04 05:33 PM, Dr. Stephen Henson sat at the `puter and typed:
> On Wed, Nov 24, 2004, Louis LeBlanc wrote:
>
> > On 11/23/04 10:47 PM, Dr. Stephen Henson sat at the `puter and typed:
> > > On Tue, Nov 23, 2004, Louis LeBlanc wrote:
> > > >
> > > Does the connection seem otherwise OK and y
Maybe could you contact the author of symbssl (symbssl.sf.net)
On Wed, Nov 24, 2004 at 06:04:39PM +0100, Antonio Ruiz Martínez wrote:
> Hello!
>
>I'm writing you because I would like to know if anyone has compiled
> OpenSSL for Symbian and, in that case, how I could do it.
>
> > From: Charles B Cranston
> >
> > MacDermid, Kenny wrote:
> > > I'm looking to locally reverse engineer a network protocol
> > > that's encrypted using ssl.
> >
> > Another method would be to use a man-in-the-middle attack on
> > a third machine, but that machine would need access to the
> >
Actually, I'm trying to do this very thing. I had not heard of ssldump
and now I'm kicking myself. You should definitely use this ssldump
thing. What I was eventually going to do, which you could do also, is
find out what address is the call to SSL_verify or whatever that checks
the integrit
Hello!
I'm writing you because I would like to know if anyone has compiled
OpenSSL for Symbian and, in that case, how I could do it.
Regards,
Antonio.
__
OpenSSL Project http://www.openssl.org
U
On Wed, Nov 24, 2004, Michael Weiner wrote:
> On Wed, 2004-11-24 at 15:36 +0100, Richard Levitte - VMS Whacker wrote:
> > In message <[EMAIL PROTECTED]> on Wed, 24 Nov 2004 09:11:40 -0500, Michael
> > Weiner <[EMAIL PROTECTED]> said:
> >
> > hunter> Is there a way to "force" a serial number on a
On Wed, Nov 24, 2004, Louis LeBlanc wrote:
> On 11/23/04 10:47 PM, Dr. Stephen Henson sat at the `puter and typed:
> > On Tue, Nov 23, 2004, Louis LeBlanc wrote:
> > >
> > Does the connection seem otherwise OK and you just get this error after all
> > data has been transferred?
>
> Yes. The con
On 11/23/04 10:47 PM, Dr. Stephen Henson sat at the `puter and typed:
> On Tue, Nov 23, 2004, Louis LeBlanc wrote:
> >
> Does the connection seem otherwise OK and you just get this error after all
> data has been transferred?
Yes. The connection is established at the socket level - nonblocking
i
> From: MacDermid, Kenny
> Sent: Wednesday, November 24, 2004 8:33 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Reverse engineering program protocol under ssl
>
>
> > From: Peter Sylvester
> >
> > http://www.rtfm.com/ssldump/
>
> Thank you for your reply Peter,
>
> Unfortunately I already looke
David C. Partridge wrote:
Sounds to me like you're using openssl req rather than openssl ca
Is there a way to "force" a serial number on a created certificate? I
have written an automated job that creates a signing certificate every 7
days but for some reason the serial numbers in the certificates
You're quite welcome. I'm sure the journalling-DLL approach
would work just as well. Just for information, if you have
administrative access to the server and it is based on Windows,
you might be able to save the certificate and key as a .pfx file,
then use the OpenSSL pkcs12 command to extract t
On Wed, 2004-11-24 at 09:53 -0500, Charles B Cranston wrote:
> Seems to me I saw an option to set the serial number from the
> command line appear in openssl req but it might be recently
> added (e.g., check to see if the version you are using is too
> old to have it implemented!). I've been doi
On Wed, 2004-11-24 at 15:36 +0100, Richard Levitte - VMS Whacker wrote:
> In message <[EMAIL PROTECTED]> on Wed, 24 Nov 2004 09:11:40 -0500, Michael
> Weiner <[EMAIL PROTECTED]> said:
>
> hunter> Is there a way to "force" a serial number on a created
> hunter> certificate? I have written an autom
Seems to me I saw an option to set the serial number from the
command line appear in openssl req but it might be recently
added (e.g., check to see if the version you are using is too
old to have it implemented!). I've been doing the write-even-
number-of-hex-digits-to-file since I started, so I
In message <[EMAIL PROTECTED]> on Wed, 24 Nov 2004 09:11:40 -0500, Michael
Weiner <[EMAIL PROTECTED]> said:
hunter> Is there a way to "force" a serial number on a created
hunter> certificate? I have written an automated job that creates a
hunter> signing certificate every 7 days but for some reas
Sounds to me like you're using openssl req rather than openssl ca
Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Michael Weiner
Sent: 24 November 2004 14:12
To: [EMAIL PROTECTED]
Subject: serializing certificates
Is there a way to "force" a serial nu
Is there a way to "force" a serial number on a created certificate? I
have written an automated job that creates a signing certificate every 7
days but for some reason the serial numbers in the certificates is
always 0. Any thoughts?
Thank you in advance
Michael Weiner
signature.asc
Description:
in openssl/apps/s_client;c you find:
if (c_debug)
{
con->debug=1;
BIO_set_callback(sbio,bio_dump_cb);
BIO_set_callback_arg(sbio,bio_c_out);
}
if (c_msg)
{
SSL_set_msg_ca
On Wed, Nov 24, 2004, MacDermid, Kenny wrote:
> > From: Charles B Cranston
> >
> > MacDermid, Kenny wrote:
> > > I'm looking to locally reverse engineer a network protocol
> > > that's encrypted using ssl.
> >
> > Another method would be to use a man-in-the-middle attack on
> > a third machine,
> From: Charles B Cranston
>
> MacDermid, Kenny wrote:
> > I'm looking to locally reverse engineer a network protocol
> > that's encrypted using ssl.
>
> Another method would be to use a man-in-the-middle attack on
> a third machine, but that machine would need access to the
> private key of th
> From: Peter Sylvester
>
> http://www.rtfm.com/ssldump/
Thank you for your reply Peter,
Unfortunately I already looked into this, and found that I would need the
server keys. All I have is the client application, and a production
server that it communicates back to.
Thanks again,
Kenny
-
On Wed, Nov 24, 2004, Florin Angelescu wrote:
> On Wednesday 24 November 2004 11:44, Dr. Stephen Henson wrote:
> > On Wed, Nov 24, 2004, Florin Angelescu wrote:
> > > On Tuesday 23 November 2004 16:57, Dr. Stephen Henson wrote:
> > > > On Tue, Nov 23, 2004, Florin Angelescu wrote:
> > > > > Hello
On Wednesday 24 November 2004 11:44, Dr. Stephen Henson wrote:
> On Wed, Nov 24, 2004, Florin Angelescu wrote:
> > On Tuesday 23 November 2004 16:57, Dr. Stephen Henson wrote:
> > > On Tue, Nov 23, 2004, Florin Angelescu wrote:
> > > > Hello
> > > > I am trying to set up an ssl acces to ldap
> > >
On Wed, Nov 24, 2004, Florin Angelescu wrote:
> On Tuesday 23 November 2004 16:57, Dr. Stephen Henson wrote:
> > On Tue, Nov 23, 2004, Florin Angelescu wrote:
> > > Hello
> > > I am trying to set up an ssl acces to ldap
> > > following http://www.openldap.org/faq/data/cache/185.html
> > >
> > > i
http://www.rtfm.com/ssldump/
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTE
Hi,
how can I create a certificate request with openssl like this?
Is there an easy way?
-BEGIN PRIVACY-ENHANCED MESSAGE-
Proc-Type: 4,MIC-ONLY
Content-Domain: RFC822
Originator-Certificate:
MIIB8zCCAX0CAQAwDQYJKoZIhvcNAQEEBQAwZjELMAkGA1UEBhMCZGUxEjAQBgNV
BAoTCUlUU0cgVEVTVDEWMBQGA1UECx
hello
i am trying to set up my own CA
i used CA.pl -newca
but if i try to verify cacert.pem
i have an error "self signed certificate"
How do i make a not self signed certificate ?
thank you
__
OpenSSL Project
Richard A. Faulk Jr. wrote:
I just tried setting the crl file to DER encoding and specified that files
with .crl extensions are application/x-x509-crl. I am still receiving the
certificate validation failure error on the Cisco concentrator. Is there
anything else that I need to do? Am I doing
30 matches
Mail list logo
