Hi,
I am currently using OpenSSL 0.9.7e which has the option
linux-elf-arm
for ARM processors.Recently i downloaded OpenSSL 0.9.8c.It seems that the
linux-elf-arm option has been removed from the Configure file.
Can anyone throw some light on why this option has been
removed.I want
to us
When I do that, I now get:
RAPTOR_$ openssl s_client -connect adtest:636 "-CAfile" certnew.pem
CONNECTED(0003)
depth=0 /CN=adtest.altdomain2000.psccos.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /CN=adtest.altdomain2000.psccos.com
verify error:num=27
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Erik Leunissen
> Sent: Wednesday, September 27, 2006 4:53 PM
> To: openssl-users@openssl.org
> Subject: Re: Seeding the OpenSSL PRNG
>
> Dr. Stephen Henson wrote:
> >
> > OpenSSL makes use of some sta
Hi Dan,
In message <[EMAIL PROTECTED]> on Mon, 25 Sep 2006 09:50:32 -0600, Dan O'Reilly
<[EMAIL PROTECTED]> said:
dano> My CA is another system (Windows) and I requested it to create
dano> the trusted root certificate in PKCS7 format, which I copied to
dano> my VMS system. I can use OPENSSL PKC
CryptoAPI is a standard component that you can expect to have on any
machine which has IE5 or later installed. You can also expect it to
be on Windows 2000+ as a default, as well as NT4SP3 or higher.
It uses the same mechanisms that the various /dev/urandom|/dev/random
implementations use, inclu
If your server (that is, the one which accepts the connection) is
sensitive to the number and content of the actual packets, the server
is in violation of the 'layer' boundary. SSL and TLS can be thought
of as another protocol in the AF_INET family, even though it's
implemented in user-level code
Dr. Stephen Henson wrote:
OpenSSL makes use of some standard sources of entropy on various platforms to
seed the PRNG automatically. On linux this includes the /dev/urandom device
and on Windows various things including the CryptoAPI PRNG.
OK, that explains, thanks.
The program is going to b
> Other side would return an error message:
>
> ORA-31154: invalid XML document
> ORA-19202: Error occurred in XML processing
> LSX-00213: only 0 occurrences of particle "greeting",
> minimum is 1
>
> It is totally confused, that is: i, as a client would never send
> greeting. One thing
> possible
On Wed, Sep 27, 2006, Erik Leunissen wrote:
>
> This makes me think that:
> - either there has been some other call into the OpenSSL library that
> implicitly seeded the PRNG without my noticing it (perhaps
> DSA_generate_parameters() or DSA_new() ), or
> - the warning mechanism doesn't work pr
The book "Network security with OpenSSL" says about seeding the OpenSSL
PRNG (on page 19):
"If you try to use OpenSSL without bothering to seed the random number
generator, the library will complain."
I recently discovered that I have been using DSA_generate_key() and
DSA_sign() without havi
On Wed, Sep 27, 2006, Antonio A wrote:
> dear Dr. Stephen,
> thanks again for your help :o)
>
> i am using the following code (C++ & Qt) to create
> certificate policies extension:
>
> x509v3ext GenExtDB::getCertPol()
> {
> x509v3ext ext;
> //#if 0
> if (!certPol->text().isEmpty()) {
dear Dr. Stephen,
thanks again for your help :o)
i am using the following code (C++ & Qt) to create
certificate policies extension:
x509v3ext GenExtDB::getCertPol()
{
x509v3ext ext;
//#if 0
if (!certPol->text().isEmpty()) {
ext.create(NID_certificate_policies,
cert
On Wed, Sep 27, 2006, Antonio A wrote:
> Dear Dr. Stephen,
> thanks for your answer :o)
>
> i am using OpenSSL 0.9.7 API to generate a
> certificate, so i would like to know if i have to edit
> openssl config file in order to use the certificate
> policies estension.
>
> i appreciate all help yo
Dear Dr. Stephen,
thanks for your answer :o)
i am using OpenSSL 0.9.7 API to generate a
certificate, so i would like to know if i have to edit
openssl config file in order to use the certificate
policies estension.
i appreciate all help you could give me.
best regards.
antonio araujo
--- "D
On Wed, Sep 27, 2006, V, Bharath (Bharath) wrote:
> Steve,
>
> Thanks for the quick reply...
> we are using the certificates for https communication so we wanted to
> replace RSA with AES.
> Is there any library that supports AES?
>
You cannot replace RSA with AES in that way with *any library*
Steve,
Thanks for the quick reply...
we are using the certificates for https communication so we wanted to
replace RSA with AES.
Is there any library that supports AES?
Thanks
Bharath
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dr. Stephen Henson
Sent:
On Wed, Sep 27, 2006, V, Bharath (Bharath) wrote:
> Hi,
>
> I am using keytool command to generate the certificates, currently i am
> using RSA algorithm.
> We are planning to change this to AES, does Open SSL support AES?
> If yes can i use it with keytool command.
>
OpenSSL does support AE
- Original Message
From: Aarno Syvänen <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Sent: Wednesday, September 27, 2006 11:27:41 AM
Subject: Re: Strange problem with SSL_write
>
>> but
>> ethereal shows *two* application level packets.
>
To inspect ssl protocol sessions I suggest
Hi,
On 27 Sep 2006, at 10:20, David Schwartz wrote:
Then the problem: when i am doing SSL_write,
it does return full length of the packet i send,
You don't send packets to SSL_write, you send bytes. It returns the
number
of bytes sent, and if the other end doesn't receive that number of
Hello,
> Then the problem: when i am doing SSL_write,
> it does return full length of the packet i send, but
> ethereal shows *two* application level packets.
> The packet indedd contains 0x00s. Can this be a
> problem ?
No, sending first "empty" SSL packet and next "real"
(with data) is CBC timing
Hi,
I am using keytool
command to generate the certificates, currently i am using RSA
algorithm.
We are planning to
change this to AES, does Open SSL support AES?
If yes can i use it
with keytool command.
Thanks
Bharath
> Hi List,
>
> I am implementing EPP over SSL. It requires
> me send send hex data (the length of the xml
> document). In addition, making EPP request
> twice is an error. So it differs http with both
> these counts.
Okay.
> Then the problem: when i am doing SSL_write,
> it does return full leng
Aarno Syvänen wrote:
Hi List,
I am implementing EPP over SSL. It requires
me send send hex data (the length of the xml
document). In addition, making EPP request
twice is an error. So it differs http with both
these counts.
Then the problem: when i am doing SSL_write,
it does return full length
Hi List,
I am implementing EPP over SSL. It requires
me send send hex data (the length of the xml
document). In addition, making EPP request
twice is an error. So it differs http with both
these counts.
Then the problem: when i am doing SSL_write,
it does return full length of the packet i send,
24 matches
Mail list logo
