Re: Renewing a CA root certificate

2005-11-24 Thread Greg Vickers
Hi all, Jason Haar wrote: Greg Vickers wrote: Thanks again - we will do a re-key. Would I use the CA.pl script and I really hope someone who knows more than Greg and I can give an authoritative answer to this question. I'd LOVE to know how to recreate a CA cert (instead of creating a new

Re: Renewing a CA root certificate

2005-11-24 Thread Greg Vickers
Arsen, Arsen Hayrapetyan wrote: However, if your CA root certificate is expiring soon, isn't it a better idea to do a re-key (of course, if it is allowed by your policy) than to continue to use the old key-pair? (It is safer to do a re-key from time to time than use the same key-pair for a long perio

Re: Renewing a CA root certificate

2005-11-24 Thread Jason Haar
Greg Vickers wrote: > Thanks again - we will do a re-key. Would I use the CA.pl script and > put in the same information that is in the original CA certificate? > Will that result in a CA certificate that can be used in browsers etc > and will authenticate web server certificates issued by the old

Re: Renewing a CA root certificate

2005-11-24 Thread Greg Vickers
Thanks Arsen! Arsen Hayrapetyan wrote: I am in the process of renewing a root CA certificate (which is expiring soon.) I should be able to use the original certificate signing request to issue a new certificate for the CA, correct? Yes. But even if you don't have the original certificate signi

Writing an application that passively sniffs SSL... Piece of cake?

2005-11-24 Thread Göran Sandahl
Hi, I'm considering writing an application that can passively sniff SSL/TLS traffic, as part of an assignment at university. I'm aware of SSLDUMP, but still want to go my own path. I've written a client/server implementation of openssl, and know that a lot of functions are coded for that purpos

Re: Openssl and Multi-Sites Certificats SSL

2005-11-24 Thread Farid Izem
Hi Goetz, What do you mean by subjectAltName=DNS:host1.domain1,DNS:host2.domain2,... ?? I have to change the openssl.cnf? Can you please be more explicit? Thanks for your help. Kind Regards, Farid On 11/23/05, Goetz Babin-Ebell <[EMAIL PROTECTED]> wrote: Farid Izem wrote: > Hi all, > > New to this

Crypt::SSLeay build problem

2005-11-24 Thread Richard Proctor
Hi, Crypt::SSLeay build problem I run a Cobalt RaQ4 server that has a number of sites. I need to tweak the (perl) shopping suite of one of the users so it works with a credit card company. To do this it needs to send https messages. The server can happily receive https. The system (built on R

Compiling on Windows x64 for Win64/x64

2005-11-24 Thread Andre Lorbach
Hi, This is my first post on this list, I searched the archive but couldn't find any help ;). My System is Windows XP x64, all latest Updates installed. VS2003 and VS2005 are installed, and I also have the full Windows 2003 SDK Tools on my machine. I am trying to compile OpenSSL as static lib for Windo

Java Sun JDK 1.4.1_07 client connecting to SSL server using OpenSSL 9.8a problems

2005-11-24 Thread AServito
Can someone help us out why we are having the connection problem? Searched the internet for answer and it seems to me that the problem is in the protocol level. In the Java client running under Sun JVM windows version we have the following code. SSLSocketFactory sslsocketfactory =

RE: Certificates

2005-11-24 Thread Mark
Hi, > You load the server cert with SSL_CTX_use_certificate_file() > and the CA... certs with SSL_CTX_use_certificate_chain_file() > Normally you don't have to load the root because the > client has to have the root cert to verify the chain... How does the client get the root certificate? Is it

RE: SSL accept/connect error

2005-11-24 Thread Mark
Hi, > Make a CA cert, and sign a server cert with it, and use this in the > verify locations call in the client. I tried this and instead I get the error: -Error with certificate at depth: 0 issuer = ... subject = ... err 20:unable to get local issuer certificate Best Regards, Mark W

Re: SSL accept/connect error

2005-11-24 Thread Peter Sylvester
Make a CA cert, and sign a server cert with it, and use this in the verify locations call in the client. Mark wrote: Hi, Thanks for the help from everyone with regards to certificates. I now have an error when attempting to run my application. On the server side when I call SSL_accept() I

SSL accept/connect error

2005-11-24 Thread Mark
Hi, Thanks for the help from everyone with regards to certificates. I now have an error when attempting to run my application. On the server side when I call SSL_accept() I get the error: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca and on the client side when I call SSL_

https and SSLVerify URL within iframe

2005-11-24 Thread John Weissberg
I have an Apache2 server that requires a valid client certificate to access. In other words: SSLVerify = required I need to make available a form on this "secure" server from within a site on a different, non-secure server. I intend to publish this secure page within an iframe on the non

Re: any way to debug signature verification failure?

2005-11-24 Thread Dr. Stephen Henson
On Wed, Nov 23, 2005, john guerrero wrote: > i have a signature that fails verification. > > openssl dgst -sha1 -verify public.pem -signature sigfile myfile > Verification Failure > > this one particular pair (sigfile, myfile) fails verification out of a > group of 500,000 pairs which all succe

Re: Renewing a CA root certificate

2005-11-24 Thread Arsen Hayrapetyan
Hi Greg, Greg Vickers wrote: > Argh, hit the send button before I had finished *blush* > > Greg Vickers wrote: > >> Hi all, >> >> I am in the process of renewing a root CA certificate (which is >> expiring soon.) I should be able to use the original certificate >> signing request to issue a new c

Re: Certificates

2005-11-24 Thread Katie Lucas
On Wed, Nov 23, 2005 at 02:41:17PM -, Mark wrote: > Thanks Katie, > I tried your makefile but it did not work for me (I did change the paths > and fix the missing TABs) but it failed with the error. The rule for > %.cert > looks ok to me: > > gmake: *** No rule to make target `sv.cert', need