Hi
I m looking for OpenSSL APIs for exporting and importing Digital Certificates
can any one help me out for this.
If possible can you send me any related document or web sites to learn
more about it.
Thanks
Rafeeq
__
OpenSSL
Hi
I am unable to provide u with exact answer.
but i thought it relevent to reply u.
because I have also worked on RSA api's
Following are the command to generate rsa keys
1) openssl genrsa -out private.pem 1024 <- This generates a 1024 bit
keypair, but both keys are held in a single file ini
Hello All,
I
am working on an IPF(Itanium Processor Family) HPUX machine. Using the configure
option
hpux-ia64-cc would be the appropriate configure option while
building OpenSSL in this platform.
But I
have problems with OpennSSH authentication when I use thi
The following code fails on Windows but works perfectly on Solaris.
The failure is PEM_read_bio_X509 return null. FYI, I am trying to avoid
buffered I/O (FILE *) and hence i am using low-level file operation.
Please help.
Vijay
BIO *data;
char buf[1024*4];
memset(buf, 0
Hello All,
I
am working on an IPF(Itanium Processor Family) HPUX machine. Using the configure
option
hpux-ia64-cc would be the appropriate configure option while
building OpenSSL in this platform.
But I
have problems with OpennSSH authentication when I use this
>
> The certificate you have might not be certified for client authentication or
> the root CA might not be trusted for client authentication.
>
> See what happens when you do:
>
> openssl x509 -in clcert.pem -text -noout
>
> Steve.
Steve,
Thanks for replying. Here's what I got from one of
On Mon, Feb 28, 2005, ohaya wrote:
> Hi,
>
> I've figured out how to get the "openssl s_client" to display the list
> of CAs:
>
> 1) Run: openssl s_client -connect host:port -prexit
>
> 2) When it pauses, type in a "GET": GET / HTTP/1.0
>
> So I am now able to see the list of CAs that the we
On Mon, Feb 28, 2005, ohaya wrote:
> Hi,
>
>
> It seems that client authentication must be enabled on the web server.
> Otherwise, when I connect with the browser with the other client certs,
> I wouldn't get those client certs appearing in the browser popup
> window.
>
> But then, why is "o
Hi,
I've figured out how to get the "openssl s_client" to display the list
of CAs:
1) Run: openssl s_client -connect host:port -prexit
2) When it pauses, type in a "GET": GET / HTTP/1.0
So I am now able to see the list of CAs that the webserver is sending,
and here's an excerpt:
.
.
/C=US/O=
Hi,
I have been trying to use openssl and, in particular, "openssl s_client"
to try to diagnose some problems that I have been having working with
some (server and client) certificates that I think were created using an
RSA product (Keon, I think).
The original problem that started all of this is
Is there anyway to rebuild the index.txt file?
Basically this file hasn't been properly maintained in
the past. As I understand it, this file is critical
for processes like CRLs and since I'm going way beyond
simple certificate issuer. I would like to fix this
file before moving on.
Any suggestio
On Mon, Feb 28, 2005, ray v wrote:
> I'm trying to get our domain controllers to make use
> of certificates generated by our openssl based CA. Is
> there documentation out there on how to make this work
> correctly? Any pointers would be appreciated!
>
> Requirements for making third-party certif
I'm trying to get our domain controllers to make use
of certificates generated by our openssl based CA. Is
there documentation out there on how to make this work
correctly? Any pointers would be appreciated!
Requirements for making third-party certificates work
http://support.microsoft.com/default
Hello. Thanks for the solution. Actually I phrased the
question wrong. I am sorry about that. Let me rephrase
my question.
I actually tried to create the self signed certificate
without the x509 option using "req" as follows,
1) First generated the cert request,
> openssl req -newkey rsa:1024 -c
Steve,
Thanks again.
I've added the following to Pound's source code and I am correctly
detecting the revoked certificate.
(Also thanks to Joseph Bruni, who's sample source code I shamelessly
nabbed from his "CRL bug?" posting)
619,631d618
<
< // CRL fix
<
On Mon, Feb 28, 2005, Damien Dougan wrote:
> Steve,
>
> Thanks for the reply.
>
> I am still getting revoked certificates passing SSL handshake with the
> Pound software load balancer terminating the SSL connection - so a
> further question:
>
> Does a SSL server implementation have to explictl
Steve,
Thanks for the reply.
I am still getting revoked certificates passing SSL handshake with the
Pound software load balancer terminating the SSL connection - so a
further question:
Does a SSL server implementation have to explictly call OpenSSL APIs to
check the certificate against a CRL, or
Hi Sanjay,
the following is an extract from the
documentation(http://www.openssl.org/docs/apps/req.html) for the "req"
command :
..
- days *n
* when the *-x509* option is being used this specifies the number of
days to certify the certificate for. *The default is 30 days.*
..
so, if u
Hi everyone. I am a newbie with regards to openssl. I
would really appreciate if anyone can help me with
this. I am having a problem with creation of a root
certificate in linux. I have created my own
configuration file "openssl.cnf" and am using that to
create a root ca certificate. I am using the
Thank you!
I hadn't realized that the encoding should be primitive when encoding the
good answer and constructed when encoding the revoked answer. It works just
fine now. Once again, thank you!
Regards,
John Allberg
-Ursprungligt meddelande-
Från: [EMAIL PROTECTED]
[mailto:[EMAIL PROTE
20 matches
Mail list logo
