Hi,
As per the standards for tls1.0, ssl3.0 if the
'DistinguishedName certificate_authorities<3..2^16-1>' field must be
atleast 3 bytes. But tls1.1 says it can be 0 length if not present.
openssl does things the tls1.1 way if there are no distinguished names,
i.e., sends 0 length even for ssl
Hi,
>I used following command:
>"openssl req -new -key key2006.pem -out csr.pem".
>
>
>But I can't input State or Province Name &Locality Name.
>
>
>I checked the CSR file using "openssl req -noout -text -in
>csr.pem".
>But I couldn't find State or Province Name &Locality Name in this file.
>So I
Hello.
I tried to create CSR for update the SSL server.
I used following command:
"openssl req -new -key key2006.pem -out csr.pem".
But I can't input State or Province Name &Locality Name.
I checked the CSR file using "openssl req -noout -text -in
csr.pem".
But I couldn't find State or Pro
Dear,
I want to set a 12 hex digit to a BIGNUM, how can i do
that?
for example
double ii= 0x0BE07D99DB79;
The instruction wont work? int BN_set_word(BIGNUM *a,
unsigned long w);
Regards,
Kashif
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail h
To verify a server as trustworthy, you must obtain the server's
certificate, and certificate chain leading up to a trusted CA, or
explicitly trust the server's certificate as presented.
You can avoid the C problem by using Perl or another language which
can speak TLS/SSL, but you cannot avoid TLS/
Dominique Lohez wrote:
This could be due to the fact that in JAVA character are coded in
UNICODE ( Each character uses 2 bytes)
While in C each character is coded with only one byte for each
character. This could be checked from JAVA by squeezing
the first byte of each character.
I would hav
http://archive.midrange.com/linux5250/200505/msg00024.html
look at this I think I could help you
>Certain that \o isn't a quoted o in this context? Forward or doubled-back
>slashes?
I don't think !!
regards
Doug2die4
__
OpenSSL
I've just recently put together a C# class library that wraps the crypto DLL via PInvoke. I was wondering if anyone here would be interested in such a thing or if perhaps I should just create a seperate project for it. It has many advantages but the biggest is allowing for ease of use of the OpenSS
Sry finally found where I did wrong.
I should change the FQDN in the x509v3.cnf file
that where it take info to make the x509 cert
Thx to all anyway
On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
> I've just figure out something,
> with the openssl x509 -in mycert.crt -noout -text command, Is
The normal PEM_read, etc., functionsstop when they find the first object of the right type. If you want to
read in a multiple certs from a single file, you probably want to use adata format such as PKCS7 or PKCS12 that supports it natively.Actually you can use PEM_X509_INFO_read_bio() to read in a
Hi,
I gave up and downloaded a binary!
Andrew
On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
http://archive.midrange.com/linux5250/200505/msg00024.html
look at this I think I could help you>Certain that \o isn't a quoted o in this context? Forward or doubled-back>slashes?I don't think !!re
[EMAIL PROTECTED] schrieb:
> Pretty much confirm what I thought. The OPENSSL API is so rich and I
> havn't touch it (web server) in a while, I figured it wouldn't hurt to ask.
An alternative would be one host certificate with multiple
subject alt names.
This way you can issue a certificate that
Doug Frippon wrote:
I mean instead of just writting tmp\e_os.h in your config file ( there
one probably) write down c:\openssl-0.9.8a\tmp\e_os.h
maybe mingw32 couldn't find tmp\e_os.h and need the full path to that file
Certain that \o isn't a quoted o in this context? Forward or doubled-back
nope sry
for my part that the only thing that come in mind, if I think of
something else I'll let you know.
On 3/13/06, Andrew Madu <[EMAIL PROTECTED]> wrote:
>
> nope, no joy here!
>
> Any other ideas as to why a folder/file combination cannot be found within
> the config file(s)?
>
> Andrew
nope, no joy here!
Any other ideas as to why a folder/file combination cannot be found within the config file(s)?
Andrew
On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
I mean instead of just writting tmp\e_os.h in your config file ( thereone probably) write down c:\openssl-
0.9.8a\tmp
[EMAIL PROTECTED] wrote:
On 3/13/06 8:43 AM, openssl-users@openssl.org wrote to All:
On Mon, 2006-03-13 at 08:35 -0500, [EMAIL PROTECTED] wrote:
So for one group, they will give them a HTTPS URL for domainX, and for
another group, they will give them another HTTP URL for DomainY, but
they wil
I've just figure out something,
with the openssl x509 -in mycert.crt -noout -text command, Isaw that
there is the same subjectAltName in my two cert. I'm sure that I
diodn't wrote the same in both of them, but seems like if some one
have modify it. =-)
BTW I've add the subjectAltNmae by writting d
You comments are right, but there is sole evolution.
See my mail from Feb 6, the openssl library contains a patch for the TLS
extension
of servername (which still needs to be implemented in browsers), but at
least the following patch for apache2 (working with a current openssl
snapshot
not on
I mean instead of just writting tmp\e_os.h in your config file ( there
one probably) write down c:\openssl-0.9.8a\tmp\e_os.h
maybe mingw32 couldn't find tmp\e_os.h and need the full path to that file
Doug2die4
On 3/13/06, Andrew Madu <[EMAIL PROTECTED]> wrote:
>
> Doug,
> sorry for sounding dim he
Doug,
sorry for sounding dim here but could you just clarify what you mean by full path, full path from where to where?
regards
Andrew
On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
Try it with full path maybe it can solve your prob!!!Doug2die4On 3/13/06, Andrew Madu <
[EMAIL PROTECTED]>
Try it with full path maybe it can solve your prob!!!
Doug2die4
On 3/13/06, Andrew Madu <[EMAIL PROTECTED]> wrote:
>
> Hi Doug,
> yes my tmp folder is in c:\openssl-0.9.8a. Any ideas?
>
> regards
>
> Andrew
>
>
> On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
> >
> IS your tmp folder in c:\op
Thanks.
Pretty much confirm what I thought. The OPENSSL API is so rich and I
havn't touch it (web server) in a while, I figured it wouldn't hurt to ask.
Beating a dead horse. :-)Thanks again.
---
Hector
On 3/13/06 9:46 AM, Ted wrote:
> I don't think you can use SSL make multiple (virtual)
Hi Doug,
yes my tmp folder is in c:\openssl-0.9.8a. Any ideas?
regards
Andrew
On 3/13/06, Doug Frippon <[EMAIL PROTECTED]> wrote:
IS your tmp folder in c:\openssl-0.9.8a???if not your path isn't oktry with full path to the tmp folder
Doug2die4On 3/13/06, Andrew Madu <[EMAIL PROTECTED]> wro
vipin rathor wrote:
hi all,
I want to develop a small utility in C to show all information
about the X509 certificate file in a structured comprehensive(as
displayed by browsers like IE). i'm working on SLES 9. so please help
me out
one more thing, i know the routines like X509_get
hi all, I want to develop a small utility in C to show all information about the X509 certificate file in a structured comprehensive(as displayed by browsers like IE). i'm working on SLES 9. so please help me out one more thing, i know the routines like X509_get_subject_name() and X50
[EMAIL PROTECTED] wrote:
On 3/13/06 8:43 AM, openssl-users@openssl.org wrote to All:
On Mon, 2006-03-13 at 08:35 -0500, [EMAIL PROTECTED] wrote:
So for one group, they will give them a HTTPS URL for domainX, and for
another group, they will give them another HTTP URL for DomainY, but
On 3/13/06 8:43 AM, openssl-users@openssl.org wrote to All:
> On Mon, 2006-03-13 at 08:35 -0500, [EMAIL PROTECTED] wrote:
> >
> > So for one group, they will give them a HTTPS URL for domainX, and for
> > another group, they will give them another HTTP URL for DomainY, but
> > they will be hitti
uno wand wrote:
From: "Dr. Stephen Henson" <[EMAIL PROTECTED]>
The block size of AES is 128 bits, you therefore need 16 characters
or 32 hex
digits in the IV.
Steve.
--
Thanks for the reply, I figured that out earlier too, by re-reading
the documentation
I have on hand. I always had the
IS your tmp folder in c:\openssl-0.9.8a???
if not your path isn't ok
try with full path to the tmp folder
Doug2die4
On 3/13/06, Andrew Madu <[EMAIL PROTECTED]> wrote:
>
> Hi,
> I am running windows XP (Version 5.1.2600) with service pack 2 and am trying
> to use MinGW to build openssl. I use
Hi,
I am running windows XP (Version 5.1.2600) with service pack 2 and am trying to use MinGW to build openssl. I use the following command as per th einstructions in the Install doc for windows:
c:\openssl-0.9.8a>ms\mingw32
and get the following read out:
process_begin: CreateProcess(null),
On Mon, 2006-03-13 at 08:35 -0500, [EMAIL PROTECTED] wrote:
>
> So for one group, they will give them a HTTPS URL for domainX, and for
> another group, they will give them another HTTP URL for DomainY, but
> they
> will be hitting the same IP server.
sounds like a virtual domain. If you have 2
For our web server, Wildcat! Web Server, it loads 1 SSL certificate for
the web server.
I have a need to allow multiple SSL certificate for the same web server.
This is not a virtual domain need. I don't fully understand the customer
requirement, but a customer wishes to have use multple SSL
> One of our customers is using a certificate from globalsign.
> They use three root certificate's in the chain.
A definition of root certificate is that nobody in the chain comes after
it. So you don't mean three root certificates, but perhaps three
intermediates or two intermediates and a roo
I want to create a sample program which connects to the server and reads in various information to verify that this server is trustworthy and then when i verify its the correct one ,connect and transfer data. I have only seen client and server examples which use a client and server pair made by a C
HI:
Now i am trying to design a client/server communication
program on a embedded board and a PC through Internet.SSL will be used to
protect the communication channel.I choose ARM9 as the CPU core of the
embedded board.Now I have compile openssl and have arm-linux-gcc installed
on RH9.But I
I've finally gotten OpenSSL to work on my Microsoft Windows LAN with
InfoPath 2003.
Here is the order of my use of OpenSSL to generate a .p12 cert for use in
Microsoft's InfoPath 2003 program.
I first created a Root Certification Authority Certificate on a Windows PC
using OpenSSL 0.98a which is
Hi,
One of our customers is using a certificate from globalsign.
They use three root certificate's in the chain.
Is there a way to create a pem formatted file with all three certificate's
from the chain?
Regards
Martijn
__
Open
37 matches
Mail list logo
