RE: Unable to send multiple messages between client and server

2005-12-09 Thread David Schwartz
> My server can send 1 message to the client and the client has no problem reading > and displaying the message. Also my client can send a message back to server but > in order to display the message I have to use BIO_flush. After those 2 messages I > am unable to get any more messages to send and

Re: RE : SSL_CTX_set_client_CA_list functions

2005-12-09 Thread Goetz Babin-Ebell
Mark wrote: Hello Mark, You are still using 0.9.6 ? I strongly recommend that you update OpenSSL to a newer version. 3 year old software is almost like back to stone age... Indeed I have already recommended this too. However we will be using OpenSSL on OpenVMS 7.3-1 and HP's implementation fo

Re: TLSv1 - Certificate Chain

2005-12-09 Thread chinmayareddy
* I tried with -Verify 9 option. No change in the output still fails with same error (unable to get local issuer certificate).* However with the change in syntax of openssl verify (as you suggested), the verification is failing server.pem - has only ServerCert does not include ServiceProvideCA--

Re: TLSv1 - Certificate Chain

2005-12-09 Thread Dr. Stephen Henson
On Thu, Dec 08, 2005, [EMAIL PROTECTED] wrote: > Hi, > > I am using OpenSSL as TLS client and server. I am using certificate chain > of size 3 on both sides. > > On Server Side > RootCA (root.pem) > ServiceProviderCA (spca.pem) > ServerCert (server.pem) > > On Client Side > RootCA (root.pem)

RE: TLSv1 - Certificate Chain

2005-12-09 Thread Chevalier, Victor T.
These may be of use to you, you may have seen them, but I solved most of my problems with these howtos. http://www.openldap.org/faq/data/cache/185.html http://web.singnet.com.sg/~garyttt/ Victor From: owner-openssl-users@openssl.org [mailto:owner-openssl-users@openss

Re: TLSv1 - Certificate Chain

2005-12-09 Thread Dr. Stephen Henson
On Fri, Dec 09, 2005, [EMAIL PROTECTED] wrote: > > But I am able to verify the certs using following command > > clientChain.pem has ServiceProviderCA and ClientCert (in that order) > serverChain.pem has ServiceProviderCA and ServerCert (in that order) > > C:\OpenSSL\bin>openssl verify -CApath \

Re: TLSv1 - Certificate Chain

2005-12-09 Thread chinmayareddy
Thanks Victor, But I am able to verify the certs using following command clientChain.pem has ServiceProviderCA and ClientCert (in that order) serverChain.pem has ServiceProviderCA and ServerCert (in that order) C:\OpenSSL\bin>openssl verify -CApath \certs clientChain.pem c:\certs\clientChain.pem: OK C:\

Re: Specifiy Public Key Size?

2005-12-09 Thread Dr. Stephen Henson
On Fri, Dec 09, 2005, Chevalier, Victor T. wrote: > > > 3500:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater > > than modlen:rsa_eay.c:308 > > And if there is a way to make the public key size larger? Or what! > The public key and in particular the public key size is fixed b

Re: Specifiy Public Key Size?

2005-12-09 Thread Victor Duchovni
On Fri, Dec 09, 2005 at 08:54:01AM -0600, Chevalier, Victor T. wrote: > > 3500:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater > > than modlen:rsa_eay.c:308 > > And if there is a way to make the public key size larger? Or what! > The "modlen" is not the public key size, it is

RE: TLSv1 - Certificate Chain

2005-12-09 Thread Chevalier, Victor T.
You may have created the certificates improperly. I had the same problem last year. You may want to post this on openldap and not openssl though. Good Luck, Victor From: owner-openssl-users@openssl.org [mailto:owner-openssl-users@openssl.org] On Behalf Of [EMAIL PROTECTE

RE: Specifiy Public Key Size?

2005-12-09 Thread Chevalier, Victor T.
<< Game over, the above demonstrates sufficiently deep confusion about RSA, << that you must not proceed any further until you see why it is absurd. I do understand the rules for RSA encryption; I was merely testing a reverse method for educational purposes. I stated "I want to decrypt with the p

Doubt regarding x509_verify_cert

2005-12-09 Thread Suram Chandra Sekhar
Hi, I have a doubt regarding the x509_verify_cert. I used openssl to generate two Root CA certificates (Self signed) say Root CA1, Root CA2. I got two self-certificates say SelfCert1 from Root CA1 and SelfCert2 from Root CA2. In an effort to simulate a bridge CA, one more root CA is generat

Decryption and encryption of packet using openssl command line

2005-12-09 Thread Riaz Farnaz
Hi, I have a query about how to use the openssl command line to decrypt and encrypt my packet. Below is an ipsec encrypted packet which I decrypt and print on the console. When I try to do the same with openssl command line it gives a different value Before decryption (below is a complete packet wh

RE: RE : SSL_CTX_set_client_CA_list functions

2005-12-09 Thread Mark
Hi Goetz, > >> * On server: > >>* if your server cert is signed by the root, > >> you can turn off sending of the root to the cert by > >> SSL_CTX_set_mode(ctx,SL_MODE_NO_AUTO_CHAIN) > > > > I can't find this option (or similar) in the docs or header > files. Was this added in 0.9

Lnk1000 problems with libeay32.lib 0.9.8a

2005-12-09 Thread Michael Tseitlin
I've upgraded the OPENSSL static library from 0.9.6c to 0.9.8a I've tried to compile the library with /ML and MLd flags. Any of them give "fatal error LNK1000" while linking my application in debug mode (release mode links OK). Is there any experience with this error? Thanks, Mike