win32 crash in SSL_CTX_use_certificate_file(m_app_ctx, certpath, SSL_FILETYPE_PEM)

Hello there openssl users. I recently compiled and built openssl for a VC-WIN32 target, however I'm running into problems. I compiled static (release mode default) and did nmake -f ms\nt.mak (vc2003). I then successfully linked against the openssl libs, only to find that SSL_CTX_use_certificate_fi

OpenSSL FIPS validation of source files

Hello All,   I am using OpenSSL 0.9.7e with fips configure option.   I edited one of the fips source files and tried to build OpenSSL and I got the error"Your source code does not match the FIPS validated source."   This error can be overcome as follows   i. Edit the fips source files.ii. Gener

RE: make: command not found , while installing mod_ssl

Thanks for the reply , I installed all packages .. But my https:// is still not working .. I enabled .. LoadModule of mod_ssl.so, Listen 443, and modified Virtual Tag I think that the problem is "SSLEngine on" when I enable SSLEngine on , my http://server isnot working anymore When it

Enabling SSL Authentication With Apache/PHP/MySQL

Title: Message Hello,   I'm looking for a primer or how-to on setting up FakeBasicAuth with a Wiki portal engine running in PHP, with a MySQL backend.   Any suggestions are greatly appreciated..!   Thomas

Re: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

OK, thanks for that pointer.  wcecompat has been working fine in all other respects, and with this fix, I have no issues with it.  So I think I'll just stick to that.  Its good to know there are alternative compatibility libraries around though. Thanks, Michael On 2/1/06, Daniel Díaz Sánchez <[EMA

openssl 0.9.7h vs 0.9.8

I don't know if this has been talked about to death, sorry if it has. But I see a big difference between the way openssl deals with shared libraries between version 0.9.7h and 0.9.8 that doesn't seem to be addressed in the documentation. On Solaris 9, if I config, make and install openssl 0.9.8 (

RE: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

The function stat causes errors in functions as  “by_dir” used when a certificate is verified. Windows CE, at least 4.2 version does not implement stat, and the implementation from wcecompat is not correct.   Have a look at the code at http://karajan.it.uc3m.es/~pervasive/wce_lite_compat/

Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

I just fixed an interesting problem I was having with OpenSSL-0.9.8a running with the wcecompat-1.2 library on WinCE5.0. I have multiple CA certs in a cert directory hashed by the c_rehash function.  The CA certs are in a hierarchy 2 levels deep.  My app (wpa_supplicant) is running as a client.  W

Re: X.509 tool generation

Can you recommend a tool which can do the work? View this message in context: Re: X.509 tool generation Sent from the OpenSSL - User forum at Nabble.com.

RE: make: command not found , while installing mod_ssl

All you would need are the two packages at the first two links, and you are there. You don't need the compiler, since these are pre-built installers. Once they are installed, they will run natively on Windows, no need for Cygwin. After that, it's just a question of reading the manuals for Apache

Re: X.509 tool generation

On Wed, Feb 01, 2006, majorsoul (sent by Nabble.com) wrote: > > is there a tool (command line or graphic) which enables creation of > self-signed certificates with rSASSA-PSS? > Not currently in OpenSSL. The RSA PSS algorithm is not at present fully integrated into OpenSSLs public key framwor

X.509 tool generation

is there a tool (command line or graphic) which enables creation of self-signed certificates with rSASSA-PSS? View this message in context: X.509 tool generation Sent from the OpenSSL - User forum at Nabble.com.

Re: FIPS 140-2 Security Policy

This is my understanding of the rules, and I will freely admit that I am probably not qualified to give an appropriate discourse on this. The secret key that is used to encrypt a private key is generated from the passphrase, which itself is not the secret key. It is a "Key Generator". In order f

Re: EVP_get_digestbyname()

On Wed, Feb 01, 2006, Milan Tomic wrote: > > Is EVP_get_digestbyname() safe for usage in multithreading programs > (multiple concurent calls)? > It should be since certificate verification uses it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core de

thanks Steve

Thanks Steve. I got it -Samy "Dr. Stephen Henson" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 01.02.2006 13:59 Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject Re: Error in signing Classification On Wed, Feb 01, 2006, Sam

EVP_get_digestbyname()

Is EVP_get_digestbyname() safe for usage in multithreading programs (multiple concurent calls)? Thank you in advance, Milan __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: Error in signing

On Wed, Feb 01, 2006, Samy Thiyagarajan wrote: > hi > when i try to sign my request i get an error saying the country name > field need to be same in CA cert and in the req. !! > That's because the policy section of the configuration file says they must match. If you don't want that use an

Error in signing

hi when i try to sign my request  i get an error saying the country name field need to be same in CA cert and in the req. !! Any idea..? here is the snip.. OpenSSL> ca -in expired_req.csr -cert ...  -keyfile ...  -key  -startdate 051201101010 -enddate 051230101010 -out expiredCert.pem Us

FIPS 140-2 Security Policy

I have a question about storage of private keys outside of the FIPS module and about CSPs in general - In section 4.1, Rules of Operation, rule 10 is given as: "Secret or private keys that are input or output from an application must be input or output in encrypted form using a FIPS approved