On Wed, Oct 25, 2006, Ken Johanson wrote:
>
> I found, and am able to use, the new arbitrary-oid/built-in compiler for
> ASN1 (strings in this case):
>
> 1.2.3.4.5=critical,ASN1:UTF8String:abcd
>
> but am wondering is its possible to do something like
>
> 1.2.3.4.5=critical,ASN1:OctetFile:/hom
Hello,
Does anyone know if there is some syntactical sugar that will allow us
to import binary data from a file, from within openssl.cnf?
Specifically, I want to experiment with importing photo-ids (jpegs) into
the a cert/req.
I found, and am able to use, the new arbitrary-oid/built-in compiler
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mouse schrieb:
> Traditionally the term "self-signed" applied to certificates that are NOT
> signed by anybody but the owner of the given key pair. With all the relevant
> security implications.
>
> What is the purpose of checking for "self-signed cer
Marc Girod wrote:
Marc Girod <[EMAIL PROTECTED]> writes:
I got from HP a copy of the makefile used to build OpenSSL into a depot
(which I cannot use as such), but this is where I'll be working now.
The depot is for an older version of openssl, and I get different errors
which have no reason
On 10/25/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
On Wed, Oct 25, 2006, Goetz Babin-Ebell wrote:
>
> It is always possible to have more than one certificate with the
> same subject name.
>
> Only the combination issuer name / serial number must be unique.
> (Last time I checked OpenSSL
Marc Girod <[EMAIL PROTECTED]> writes:
> I got from HP a copy of the makefile used to build OpenSSL into a depot
> (which I cannot use as such), but this is where I'll be working now.
The depot is for an older version of openssl, and I get different errors
which have no reasons to be easier to so
Think I've resolved the error that's on the XP machine, or at least I think so.
When I run nmake -f ms\ntdll.mak test, it looks fine.
When I did was
1) remove /WX from VC-32.pl
2) remove unsupported DESCRIPTION statement from libeay32.def.
Hopefully I'll be as lucky when I try on the Win 2000 m
On Wed, Oct 25, 2006, Goetz Babin-Ebell wrote:
>
> It is always possible to have more than one certificate with the
> same subject name.
>
> Only the combination issuer name / serial number must be unique.
> (Last time I checked OpenSSL has problems with more than one CA
> certificate with the
Traditionally the term "self-signed" applied to certificates that are NOT
signed by anybody but the owner of the given key pair. With all the relevant
security implications.
What is the purpose of checking for "self-signed cert"? To see if only the
owner signed that key? Of to see that key owner A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ambarish Mitra schrieb:
Hello Ambarish,
> On Wed, Oct 25, 2006, Goetz Babin-Ebell wrote:
>
>> openssl verify -CAfile self_signed_cert.pem self_signed_cert.pem
>> should return:
>> self_signed_cert.pem: OK
>
> Maestro Steve appended:
>
>> Indeed, tec
Thanks Ted & Steve,
I've changed my commands to
1) perl Configure VC-WIN32 --prefix=C:/Build/httpd-2.2.3/srclib/openssl
2) ms\do_nasm
3) nmake -f ms\ntdll.mak
On a Win 2000 machine, when command 3) is run, the following errors were
encountered:
.\crypto\bio\b_sock.c(728) : error C2037: left o
On Wed, Oct 25, 2006, Goetz Babin-Ebell wrote:
>
> Vincenzo Sciarra schrieb:
> > Hi,
> Hello Vincenzo,
>
> > just check if issuer and holder are the same!
>
> or do it the correct way:
>
> openssl verify -CAfile self_signed_cert.pem self_signed_cert.pem
>
> should return:
>
> self_signed_cert.pe
On Wed, Oct 25, 2006, Goetz Babin-Ebell wrote:
>
> Vincenzo Sciarra schrieb:
> > Hi,
> Hello Vincenzo,
>
> > just check if issuer and holder are the same!
>
> or do it the correct way:
>
> openssl verify -CAfile self_signed_cert.pem self_signed_cert.pem
>
> should return:
>
> self_signed_cer
On Wed, Oct 25, 2006, IT Professional wrote:
> Thanks Ted,
> I've download it. Am wondering whether you have tried compiling it in windows?
> Cos I'm wondering whether the compilation commands have changed.
> I'm using the following set of commands:
> perl Configure --openssldir=C:/www/Apache22/bi
IT Professional wrote:
Thanks Ted,
I've download it. Am wondering whether you have tried compiling it in windows?
Cos I'm wondering whether the compilation commands have changed.
I'm using the following set of commands:
perl Configure --openssldir=C:/www/Apache22/bin VC-WIN32
ms\do_ms (It didn't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Vincenzo Sciarra schrieb:
> Hi,
Hello Vincenzo,
> just check if issuer and holder are the same!
or do it the correct way:
openssl verify -CAfile self_signed_cert.pem self_signed_cert.pem
should return:
self_signed_cert.pem: OK
> 2006/10/25, Bhat,
al wrote:
> Hi,
>
> Anyone know where I can download the source for OpenSSL 0.9.9[-dev]?
> Couldn't find it either at OpenSSL root or mirrored sites.
>
> Thanks!
>
Downloading the latest snapshot from
ftp://ftp.openssl.org/snapshot/openssl-SNAP-20061025.tar.gz worked fin
Hi all,
I did a software that verifies the certificate of the server it
connects to, but when I specify the CA file with
"SSL_CTX_set_client_CA_list ()" the certificate is accepted, and when I
only specify a path to the directory containing the certificate it
fails at depth 1.
I do not un
Am I wrong? When I read the docs for the snapshot for 0.9.8b, it is stated that
ECC cipher suites are included as part of 'ALL'. So why do I still need to
define ECCdraft when using openssl s_server?
I've tried defining +ECCdraft in the SSL Cipher Suite but it's without success.
Anyone got bette
IT Professional wrote:
Hi,
Anyone know where I can download the source for OpenSSL 0.9.9[-dev]?
Couldn't find it either at OpenSSL root or mirrored sites.
Thanks!
Downloading the latest snapshot from
ftp://ftp.openssl.org/snapshot/openssl-SNAP-20061025.tar.gz worked fine
wi
Hi,just check if issuer and holder are the same!2006/10/25, Bhat, Jayalakshmi Manjunath <[EMAIL PROTECTED]>:
Hi All, How do I check if the given certificate is self-signed?Thanks and Regards,
Jaya__OpenSSL Project
Hi All,
How do I check if the given certificate is self-signed?
Thanks and Regards,
Jaya
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@open
If you have the base64 cert in your file system, just do this:
openssl x509 -in cert.pem -inform PEM -noout -subject
openssl x509 -in cert.pem -inform PEM -noout -issuer
Hope this helps. Let us know.
Ambarish.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf
On 10/25/06, Ambarish Mitra <[EMAIL PROTECTED]> wrote:
If the subject and issuer are the same, then the cert is self-signed.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Bhat, Jayalakshmi
Manjunath
Sent: Wednesday, October 25, 2006 12:45 PM
To: openssl-u
If the subject and issuer are the same, then the cert is self-signed.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Bhat, Jayalakshmi
Manjunath
Sent: Wednesday, October 25, 2006 12:45 PM
To: openssl-users@openssl.org
Subject: How to check if the certificate
Hi All,
How do I check if the given certificate is self-signed?
Thanks and Regards,
Jaya
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@open
26 matches
Mail list logo
