#0 0x08081361 in BIO_ctrl ()
#1 0x0815fac0 in ?? ()
#2 0x08051a88 in ?? ()
#3 0xbf9a4e98 in ?? ()
#4 0x0805ad6e in SSLwrapper::ProcessBuffers (this=0xb7fdb480,
[EMAIL PROTECTED], read=false, write=false) at SSLwrapper.cpp:34
Previous frame inner to this frame (corrupt stack?)
I get that when
In message <[EMAIL PROTECTED]> on Mon, 19 Mar 2007 14:28:57 -0800, Shane
McDonald <[EMAIL PROTECTED]> said:
Shane_McDonald> I have a hardware acceleration engine on a board for
Shane_McDonald> which I've got a Linux device driver, but I don't have
Shane_McDonald> an OpenSSL driver for the engin
Thanks, Victor. It looks like OCF-Linux is exactly what I'm looking for.
I had run across OCF in my googling, but thought it was for OpenBSD,
and obviously hadn't looked into it far enough.
Shane
> On Monday, March 19, 2007 4:00 PM, Victor Duchovni wrote:
> On Mon, Mar 19, 2007 at 02:28:57PM -0
On Mon, Mar 19, 2007 at 02:28:57PM -0800, Shane McDonald wrote:
> I have a hardware acceleration engine on a board for which I've got a
> Linux device driver, but I don't have an OpenSSL driver for the engine.
^^ kernel ^^^^ application ^^
> Is it possible to configur
Hello:
I'm sorry if this information can be found elsewhere, but I haven't been able
to find it.
I have a hardware acceleration engine on a board for which I've got a Linux
device driver, but I don't have an OpenSSL driver for the engine. Is it
possible to configure OpenSSL to use the Lin
Nils Larsch wrote:
Moin Jürgen,
Jürgen Heiss wrote:
Hi everybody,
I try to verify a xml file which was signed with ecdsa-sha1.
I alredy read to SignatureValue from the xmlfile. which is.
724PlFGHTTL1cFlLFU6g6UetcPVBEAN6oNpogAUx3rgELFH86gA+NqvjVf316zek
are you _really_ sure that this is a
Ron: This may be a long shot, but have you tried it by leaving out the
"make test" step. It is not in the recommended steps for building the
FIPS version of OpenSSL in either the Security Policy or the User Guide.
I have always used:
./config fips
make
make install
albe
Hello,
> What should I check and where
> STARTTLS=server, error: SSL_CTX_check_private_key failed(/demoCA/newkey.pem): > 0
This means that your public part of private key (n,e) does not exist
in certificate you provided.
I other words, your certificate is not from your private key.
Best regards,
What should I check and where
STARTTLS=server, error: SSL_CTX_check_private_key failed(/demoCA/newkey.pem): 0
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
One other item which may help: the documentation says that the make install is
supposed to install four files. Three of them exist: fipscanister.o,
fipscanister.o.sha1, and fips_premain.c. However, the fourth,
fips_premain.c.sha1, doesn't exist. Instead I have fips_premain.dso. Is this a
proble
Hi Bill,
Thanks for responding. To make sure I didn't screw things up, I untarred the
openssl-fips-1.1.1 tarball again, and ran through the config, make, make test,
and make install. The make install still fails the same way. However, from what
I can see, all the object files do exist. Using yo
Hi
I have a Server ( LINUX) waiting for connection from Client ( Window CE
5.0) using TLSv1 connection.
I have no control over Client.
On the Server side, I load "Root Cert' and Server's Private/Cert. After
connection, I get message:
"verify error:number=26:unsupported certificate purpose"
Here are the steps I used to create the cert: I removed some information
to protect the innocent.
Thanks!
Mike
openssl genrsa -des3 -out portal-server.key 1024
openssl req -new -key portal-server.key -out portal-server.csr
Using configuration from /usr/share/ssl/openssl.cnf
Ent
Nils Larsch wrote:
James Walker wrote:
I'm wondering why the sigbuf parameter of RSA_verify is declared as
unsigned char* rather than const unsigned char*. It's not going to
change the signature, is it?
it should not change the signature input and in openssl >= 0.9.8
it is const.
Thanks!
-
Thanks Victor for your help
STARTTLS=server, error: SSL_CTX_check_private_key failed(/demoCA/serverkey.pem)
the new cert I called serverkey.pem how do I creat the key for this file
Mike
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael
Thanks
I made newcert.pem (thats not to replace the cacert is it) append the
private key to newcert.pem?? I have a cakey newkey(newreq)
Thanks Mike
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael Fedor wrote:
> I created that...just
I tried an other xmlfile.
Xa4w7I1obBULyZoZRuq5UHIwQVle8NmugYafWWaOU+GoWgp2e745PA7DTT0xztaH
When I decode this SignatureValue with the following function
char *unbase64(unsigned char *input, int length)
{
BIO *b64, *bmem;
char *buffer = (char *)malloc(length);
memset(buffer, 0, length)
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael Fedor wrote:
> I created that...just to get ssl/tls working how and what do I do
> with the files they sent me
Ensure that all 4 files are in PEM format. For each file try:
openssl x509 -in type_name_of_file_here -noout -issuer -subject
i
I created that...just to get ssl/tls working how and what do I do
with the files they sent me
Thanks
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:40:18AM -0400, Michael Fedor wrote:
> They send me 4 files
>
> 1 AddTrustExternalCARoot.ca trust root
>
> 2
On Mon, Mar 19, 2007 at 10:40:18AM -0400, Michael Fedor wrote:
> They send me 4 files
>
> 1 AddTrustExternalCARoot.ca trust root
>
> 2 UTNAddTrustServer_CA.crt intermediate ca
>
> 3 NetworkSolutions_CA.crt intermediate ca
>
> 4 (domain) ther.comdomain cert
>
If they are your CA, it s
Im lost on how to bring in Certs from Network Solutions.. Im trying
to get TLS running TRUSTED. My OS redhat..and one of the problems
TLS is working from inside to out but anyone replying command unknown
STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3,
verify=FAIL, cipher
Im lost on how to bring in Certs from Network Solutions.. Im trying
to get TLS running TRUSTED. My OS redhat..and one of the problems
TLS is working from inside to out but anyone replying command unknown
STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3,
verify=FAIL, cipher
Ron: You need to determine why most of your object files are not being found,
for example /var/tmp/openssl-fips-1.1.1/crypto/aes/aes_cbc.o
It should exist after the make, but it would appear that it is not there when
you are doing the make install.
With regard to you question on SSH, it was pro
Yes,
sorry my error
2007/3/19, Victor Duchovni <[EMAIL PROTECTED]>:
On Mon, Mar 19, 2007 at 12:58:22PM +0100, Vincenzo Sciarra wrote:
> openssl x509 -in mykey.pem -inform PEM -out mykey.der -outform CER
>
That would be:
... -outform DER
not
... -outform CER
--
Vi
On Mon, Mar 19, 2007 at 12:58:22PM +0100, Vincenzo Sciarra wrote:
> openssl x509 -in mykey.pem -inform PEM -out mykey.der -outform CER
>
That would be:
... -outform DER
not
... -outform CER
--
Viktor.
__
openssl x509 -in mykey.pem -inform PEM -out mykey.der -outform CER
2007/3/19, legolas <[EMAIL PROTECTED]>:
Hi
Thank you for reading my post.
How i can convert a pem file to a cer file in openSSL?
thanks
--
View this message in context:
http://www.nabble.com/how-i-can-convert-a-pem-file-to-
CA.pl --newreq
Create a new request of signature
CA.pl --sign
Sign request with CA information (the default CA created with CA.pl tool)
CA.pl tool takes information from openssl.cnf. You can change folders in the
tool as you like.
CA.pl -verify is the tool to verify that everything is working
Hi
Thank you for reading my post.
How i can convert a pem file to a cer file in openSSL?
thanks
--
View this message in context:
http://www.nabble.com/how-i-can-convert-a-pem-file-to-a-cer-file-using-openSSL--tf3426291.html#a9549874
Sent from the OpenSSL - User mailing list archive at Nabble.c
As long as nobody could help me I continued my search on my own and found the
following
http://tools.ietf.org/html/draft-ietf-pkix-ocdp-00
In chapter 3 you can find:
…Examples of CRL partition scopes are:
(1) All of the certificates of a CA with serial numbers between 10,000
and 19,999 inclusive
Thank you for your comments.
I delete the demoCA and then I create a CA using ca.pl
It create the CA in default folder (I did not edit the pl file to change the
folder.)
My question is :
How i can sign some certification using this new CA?
What if I create my CA in some other folders, how w
Does really no one have any idea?
-Original Message-
From: Jürgen Heiss
Sent: Montag, 19. März 2007 08:41
To: 'openssl-users@openssl.org'
Subject: RE: Problem with ecdsa
Hi Nils,
Maybe there was really something wrong with this xml file.
But I have an other xml file which was also signe
Hi,
I would suggest using CSP - a perl wrapper for OpenSSL - to set up your CA:
http://devel.it.su.se/pub/jsp/polopoly.jsp?d=1026&a=3290
You can download the source using CVS (see
http://devel.it.su.se/pub/jsp/polopoly.jsp?d=1025).
CSP is quite easy to use, at least, to get started. Here is the
Step 1) locate CA.pl script
Step 2) Understand use of CA.pl (./CA.pl --help)
CA.pl create a new CA, sign a self-signed certificate and sign user
certificate.
I think it's what you need.
2007/3/19, legolas <[EMAIL PROTECTED]>:
Hi
Thank you for reading my post.
Can some please tell me wheth
Hi
Thank you for reading my post.
Can some please tell me whether what i think is correct or not and then give
me some help to complete what I am intending to complete?
Each user in a system can have a digital certification.
this digital certifications can be generated using techniques mentioned
Use CA.pl tool
2007/3/19, legolas <[EMAIL PROTECTED]>:
--
View this message in context:
http://www.nabble.com/How-i-create-a-Ca-tf3425581.html#a9547887
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
--
View this message in context:
http://www.nabble.com/How-i-create-a-Ca-Ca-tf3425583.html#a9547890
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www
--
View this message in context:
http://www.nabble.com/How-i-create-a-Ca-tf3425581.html#a9547887
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.op
Self-Signed Certificate - Windows Vistaplease post the steps you did to create
the self-signed cert
Ted
- Original Message -
From: Mike Koponick
To: openssl-users@openssl.org
Sent: Thursday, March 15, 2007 1:09 PM
Subject: Self-Signed Certificate - Windows Vista
Hello,
38 matches
Mail list logo
