Re: Question on SSL_connect

2006-02-03 Thread Kyle Hamilton
SSL_connect on the client will only send the client certificate if the server requests it and sends a list of authority names it will accept, AND the certificate is signed by one of those authority names. SSL_ERROR_SSL is an error stating that an SSL session couldn't be established, either because

Re: Can't sign request: entry 8: invalid expiry date

2006-02-03 Thread Kyle Hamilton
What's the validity period for your CA certificate? and did you really mean '1902'? -Kyle H On 2/3/06, Petr Silhavy <[EMAIL PROTECTED]> wrote: > Hello, > I've got this strange error while trying to sign request created by > ./CA.sh -newreq > > openssl ca -policy policy_anything -days 100 -out ne

Re: Installing OpenSSL on HPUX 10.2

2006-02-03 Thread Rick Jones
Riewski, Martin Eric wrote: Hi, I'm getting errors when installing OpenSSL on a HPUX 10.2 box. This is info about box: HP-UX i3107spw B.10.20 A 9000/847 I ran ./config and this is output: $ ./config Operating system: 9000/847-hp-hpux1x Configuring for hpux-parisc-cc elif [ 528 -ge 523 ]; then

Hard coding keys and certs

2006-02-03 Thread Alberto Alonso
I would like to be able to hard code the key/cert in the application instead of having files. Is there something similar to: SSL_CTX_use_PrivateKey_file and SSL_CTX_use_PrivateKey_file but that I can use pointers memory? If so, how do I convert the current files into that binary data format? I

Installing OpenSSL on HPUX 10.2

2006-02-03 Thread Riewski, Martin Eric
Hi, I'm getting errors when installing OpenSSL on a HPUX 10.2 box. This is info about box: HP-UX i3107spw B.10.20 A 9000/847 I ran ./config and this is output: $ ./config Operating system: 9000/847-hp-hpux1x Configuring for hpux-parisc-cc elif [ 528 -ge 523 ]; then # PA-RISC 1.0 CPU OUT=hpux-pari

RE: Question on SSL_connect

2006-02-03 Thread Chong Peng
have you tried to call "ERR_error_string" to find out what exactly is going on? could be that the server and client are using different versions of ssl. -Original Message- From: Ambarish Mitra [mailto:[EMAIL PROTECTED] Sent: Friday, February 03, 2006 1:27 AM To: openssl-users@openssl.org

Re: Reading RSA key fips and non fips mode

2006-02-03 Thread Dr. Stephen Henson
On Fri, Feb 03, 2006, prakash babu wrote: > > Is reading a rsakey in fips mode different from reading the rsa key in non > fips mode. > In FIPS mode apart from certain exceptions the MD5 digest algorithm use is forbidden. OpenSSL "traditional" encrypted private key format uses MD5 to derive

PKITS test?

2006-02-03 Thread Brad Hards
Has anyone tried the PKITS suite: http://csrc.nist.gov/pki/testing/x509paths.html against OpenSSL? I'm planning to use some of those tests, and it would help if I knew what tests are known to fail. Brad

Can't sign request: entry 8: invalid expiry date

2006-02-03 Thread Petr Silhavy
Hello, I've got this strange error while trying to sign request created by ./CA.sh -newreq openssl ca -policy policy_anything -days 100 -out newcert.pem -infiles newreq.pem Using configuration from /usr/local/ssl/openssl.cnf Enter pass phrase for ./CA/private/cakey.pem: entry 8: invalid expiry d

Re: self signed cert - error : unknown CA

2006-02-03 Thread Samy Thiyagarajan
Good to see that the message had triggered a nice discussion. Now things are clear. Thanks for all. Samy Kyle Hamilton <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 03.02.2006 03:27 Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject Re: s

Re: ASN1 Sequence unpack problem

2006-02-03 Thread Enis Arif
Hello, Thank you for your response. I'll try to clear up a few things: I don't want to rewrite the ASN1 parser, but I want to be able to decode each value separately. I already have classes that, using the openssl parser, decode the basic types (integer, enum, octet string, bit string etc). So, I

Question on SSL_connect

2006-02-03 Thread Ambarish Mitra
On SSL_connect, the openssl documentation mentions that: "initiate the TLS/SSL handshake with an TLS/SSL server" I have created the client cert and loaded into the context with "SSL_CTX_use_certificate_file" and the corresponding private key with "SSL_CTX_use_PrivateKey_file". This association wor

Reading RSA key fips and non fips mode

2006-02-03 Thread prakash babu
Hello All, I am using the OpenSSL 0.9.7j-fips-dev on HPUX I built the above version by enabling the fips option I have a 512 bit rsa key in a file rsakey.pem # cat rsakey.pem -BEGIN RSA PRIVATE KEY- MIIBPAIBAAJBAJvyW3C7htCJYQ2sjXM1r4EgOc5uQFN6N62UstEn+8A8+YShdQ2wFcM7gRKNmTAtizyFP1i8sHO6YGEgkiA8