Hello,
> $ openssl s_server -key key.pem -cert crt.pem -debug -state -cipher
> ACCEPT <-- waiting for client connection
Should be:
$ openssl s_server -key key.pem -cert crt.pem -debug -state -cipher
EXP-DES-CBC-SHA
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
___
Hello,
> are there some available settings to build openssl for small footprint
> applications and devices?
> I mean to get a smaller library like matrixssl [1] and strip thing and
> module out someone might not need ?
In my personal opinion: no.
(This is why MatrixSSL was built).
Best regards,
Hello,
> RFC 4346 says the server key exchange message is only sent when
> DHE_DSS, DHE_RSA, or DH_anon is used as the cipher suite. It further
> says the server key exchange message can contain RSA or DH public
> components. I am confused. If DHE_DSS, DHE_RSA, or DH_anon is used,
> then DH is used
Hello,
> I am hitting a strange problem with Openssl. Recently I migrated from
> OpenSSL-0.9.8a to OpenSSL-0.9.8d, from the release notes, I see that some
> fixes have gone into cipher selection logic of OpenSSL.
>
> Now for the same CLIENT HELLO message (same as in no diff to cipher order
> or ss
Hi Steve,
RFC2633 defines 1.2.840.113549.1.9.16.2.11 to identify the
SMIMEEncryptionKeyPreference signed attribute (id-aa-encrypKeyPref).
Are there any plans to enhance the command line interface todo so, i.e. to
be able to specify a .pem preferred encryption certificate file with an
additional p
