Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Richard Salz
> let's see... you're talking about the authorityKeyIdentifier? I > thought that that went up 2 steps up the tree and then gave a serial > number of cert issued by that CA. No, it identifies the key that is signing the actual cert (or CRL). A CA's subject key identifier (SKI) gets populated as t

team f1 ssl-ssh module compiling problem

2006-02-25 Thread Chong Peng
hi, guys: i was compiling team f1's open ssh-ssl module for vxworks, the make gives me the following error message: make: Unknown option -w does anybody here have a clue of this problem? tia. chong peng __ OpenSSL Project

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Dr. Stephen Henson
On Sat, Feb 25, 2006, Kyle Hamilton wrote: > On 2/25/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > > It was introduced as a bug fix to stop OpenSSL producing invalid > > certificates > > under certain circumstances. > > > > A clarification indicated that zero was considered an invalid seria

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Georg Lohrer
On So, 26 Feb 2006, Dr. Stephen Henson wrote: > On Sun, Feb 26, 2006, Georg Lohrer wrote: > > > > > Even if I create an explicit serial-file it won't be used for the 'req' > > command (tested with strace). > > > > Any ideas what I'm doing wrong? Or is the man-page wrong? > > > > The manual pa

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Kyle Hamilton
On 2/25/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > It was introduced as a bug fix to stop OpenSSL producing invalid certificates > under certain circumstances. > > A clarification indicated that zero was considered an invalid serial number. "serialNumber: A unique positive integer." At l

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Dr. Stephen Henson
On Sat, Feb 25, 2006, Kyle Hamilton wrote: > Is there a way to specify the old behavior? (I'm collecting as much > information as I can on current practice and putting it all together > -- the overloading of 'authorityKeyIdentifier' is only part of the > problem with current X.509 practice, and t

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Kyle Hamilton
Is there a way to specify the old behavior? (I'm collecting as much information as I can on current practice and putting it all together -- the overloading of 'authorityKeyIdentifier' is only part of the problem with current X.509 practice, and that overloading creates a situation where software m

Re: AES documentation?

2006-02-25 Thread Dr. Stephen Henson
On Sat, Feb 25, 2006, Chris wrote: > Is there any documentation covering the AES support in OpenSSL? I can't > find anything. There seems to be no manual entry or anything under docs. > The preferred interface to all ciphers is EVP. > I do have it working but I'm wondering how to change the b

Re: openssl req -x509 does not create serial-number 0

2006-02-25 Thread Dr. Stephen Henson
On Sun, Feb 26, 2006, Georg Lohrer wrote: > > Even if I create an explicit serial-file it won't be used for the 'req' > command (tested with strace). > > Any ideas what I'm doing wrong? Or is the man-page wrong? > The manual page needs updating. It now uses a random serial number unless a seri

openssl req -x509 does not create serial-number 0

2006-02-25 Thread Georg Lohrer
Hi, if I use the command: $ /usr/local/bin/openssl req -x509 -new -days 30 -key ./cacert.key -out ./cacert.pem -outform PEM to create a self-signed root-certificate the 'man req' page says: -x509 this option outputs a self signed certificate instead of a certificate request. This is

KATs Followup...

2006-02-25 Thread OpenSSLGRT
Earlier I posted saying I needed to do the following for 0.9.8a: Startup Known Answer Tests: RSA, 3DES, Pseudorandom Number Generator (PRNG), and HMAC SHA-1 As well as: -Continuous Random Number Generator Test for the PRNG -Continuous Random Number Generator Test to test the entropy of

RE: First posting NEWBEE

2006-02-25 Thread Richard Salz
If you want to know how if MySQL can use OpenSSL, it probably makes more sense to ask MySQL folks. /r$ -- SOA Appliance Group IBM Application Integration Middleware

AES documentation?

2006-02-25 Thread Chris
Is there any documentation covering the AES support in OpenSSL?  I can't find anything.  There seems to be no manual entry or anything under docs. I do have it working but I'm wondering how to change the block size (seems to always use 128 bits by default?) and what the difference between AES_encr

Re: First posting NEWBEE

2006-02-25 Thread Andrew Mann
MySQL would have to implement this. I believe there is some support of SSL encrypted connections in MySQL. Try here first: http://dev.mysql.com/doc/refman/5.0/en/secure-connections.html and if you still have questions, try the MySQL mailing lists. Andrew Thomas Fitzgerald wrote: Nobod

RE: First posting NEWBEE

2006-02-25 Thread Thomas Fitzgerald
Nobody knows the answer to this question? Tom Fitzgerald, CIO POS International, Inc. Technical Support is available at http://www.posintl.com/support/docs.htm or 800-646-4767 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf

Re: [EMAIL PROTECTED]: Error]

2006-02-25 Thread Kyle Hamilton
EVP_DecryptFinal:bad decrypt He's not providing the right passphrase for the CA key. On 2/25/06, Lutz Jaenicke <[EMAIL PROTECTED]> wrote: > > Hello, > I'm trying to do certificate for FreeRadius but the following command fails: > > > openssl ca -policy policy_anything -out newcert.pem -passin pass:what

[EMAIL PROTECTED]: Error]

2006-02-25 Thread Lutz Jaenicke
- Forwarded message from Christian Fusciello <[EMAIL PROTECTED]> - From: Christian Fusciello <[EMAIL PROTECTED]> To: [EMAIL PROTECTED]

Re: Patent Infringement Safe Configuration of Openssl

2006-02-25 Thread Vladimir Botka
Hi, according to E.Rescorla: "SSL and TLS" ISBN 0-201-61598-3 p.53 OpenSSL is free for commercial and noncommercial use (BSD-style license). RSA's patent expired in September 2000. As of the direction, I would prefer J.Menezes: "Handbook of Applied Cryptography" ISBN 0-8943-8523-7. Regards,