You're looking for X.509 encoding of the CSR. Thus, you'd be looking
at the X509_* series of functions.
Since it's a request, the subset of functions would be X509_REQ_*. To
decode it, you want d2i_X509_REQ_{bio|fp}().
I have to doublecheck the functions that can be used to get info out
of it,
Hi All,
I have a quick question.
How can I get To-Be-Signed portion of certificate with openssl api ?
In case of using JDK, X509Certificat class and getTBSCertificate() method
seem to be available for the same purpose.
I'm not familiar with the openssl api, and I couldn't find the appropriate
api
Hi
My application written (in cpp) using openssl 0.9.7e is having some memory
leaks. I try the standard way to find the memory leak using
//In the Beginning
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
//In the End
CRYPTO_me
On Tue, Feb 28, 2006, Kyle Hamilton wrote:
> This brings up a really interesting point.
>
> What is the appropriate separation of functions? What can I presume
> is in each library? (eay32 is crypto stuff. ssl32 should be the BIO
> and SSL session management stuff?)
>
libssl or its equivalen
This brings up a really interesting point.
What is the appropriate separation of functions? What can I presume
is in each library? (eay32 is crypto stuff. ssl32 should be the BIO
and SSL session management stuff?)
-Kyle H
On 2/28/06, Chandi Bernier <[EMAIL PROTECTED]> wrote:
> Hey guys,
>
> I
Hey guys,
I've tried a precompiled windows version of 0.9.7.c openssl and it was
lacking symbols for these 3 fnc :
ERR_print_errors_fp
BIO_new_socket
OPENSSL_add_all_algorithms_noconf (or conf)
Then I've decided on compiling my own version using mingw... which worked.
But it's still lacking
Hello,
I just wanted to point out that in the bio.h header file there is a define
called __attribute__ in version openssl-0.9.8a that conficts with a similiar
define in the apr.h header file that is in the newest apache httpd server
(httpd-2.2.0). To compile apache, I edit bio.h to comment out
I am upgrading from 0.9.7a to 0.9.7i on fedora 3 core with apache 1.3.33. The
make process was successful but I have a few questions before I run make
install.
Will there be any concerns with installing openSSL 0.9.7i on Fedora 3 with a
current installation of 0.9.7a using Apache 1.3.33. Will I n
Bonjour,
Hodie pr. Kal. Mar. MMVI est, Mark H. Wood scripsit:
> I think that part of the difficulty here is the words used. Our
> experience in other areas is overwhelmingly in favor of "serial number"
> being a sample from a counter that starts at 0 or 1 and is incremented by
> 1 every time it's
The first sentence of the explanation below
seems to infer that its ok to call ssl_library_init() from each thread that
might want to access the SSL library.
I don’t think that’s what was
intended.
I think the last sentence is more accurate
– if you have a multi-threaded application
Hi all,
I've installed openssl 0.9.8a version and I'm using new features from
pkcs12_create (cert maybe null). Everytime I call PKCS12_parse it
transforms pkey address into 0x0, so it's impossible to recover values
from pk12 object. I've searched some example codes and they seem the
same as mine, b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think that part of the difficulty here is the words used. Our
experience in other areas is overwhelmingly in favor of "serial number"
being a sample from a counter that starts at 0 or 1 and is incremented by
1 every time it's consulted. So we see a
Hello guys,
I'm started to dig into mobile PKI and have stated, what openssl does not
support WTLS / x9.68 standards. Don't want to invent another one bicycle, so
can somebody point me to any available solution to generate WTLS or (better)
x9.68 certificate?
Thanks in advance.
Regards,
Dmitrij
Thank's a lot...I'm gona try this... I already got the output of "ldd" best regards [EMAIL PROTECTED] # ldd /usr/local/ssl/bin/openssl libssl.so.0.9.7 => /usr/local/ssl/lib/libssl.so.0.9.7 libcrypto.so.0.9.7 => /usr/local/ssl/lib/libcrypto.so.0.9.7 libso
Actually, there's a paper that was pointed out to me not too long ago
(by Philipp Gühring of CAcert.org) -- it /should/ be possible, however
there's a severe lack of support in the current implementations.
http://www.dfn-pca.de/bibliothek/reports/pki-linking/report-linking-final-1.0.2.pdf
(CC:AT-N
Thanks Nils and Andrew for the replies.
-JBOn 2/27/06, Nils Larsch <[EMAIL PROTECTED]> wrote:
Jagannadha Bhattu G wrote:> Hi,>> Can I call SSL_library_init multiple times in my code under different> threads?as SSL_library_init() initializes global tables it should onlybe called from one thread a t
Hi,
This question might be slightly silly and out of place but this
conversation brought it up to me. I don't remember seeing the answer...
Is it possible to send several chains, each rooted by a different CA ?
And then let the client determine if he trusts one of those CAs.
Cheers,
- Alai
The only certificates that must be sent are the server identification
and the certs up to (but not including) the trust anchor. (Since the
client already has the trust anchor, it will verify against its local
copy of the root CA, not the copy of the root CA that came from the
connection.)
Sending
18 matches
Mail list logo
