I wrote code using openssl in my application, one side is client in Java , and
one is server in C. When client connect to server, there is an error below:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:
No X509TrustManager implementation available
I use client.p12
Hi,
I am trying to generate the correct pem file from our certs, but I never
get a correct file output. Can you give me very general Noob guides that
will help? Or some tips in the email would be fine. Thanks
Best Regards,
Mike Garcia [EMAIL PROTECTED]
On Fri, Jan 11, 2008 at 07:01:51PM -0800, Khanh Nguyen wrote:
> I am using file private key with expiration time within 365 days.
You are not. Private keys don't have expiration dates. Public key
certificates have expiration dates, set by the certificate issuer.
> Now, I want to use it more than
Hi everyone,
I am using file private key with expiration time within 365 days. Now, I want
to use it more than 365 days. Can I do this in openssl? and how can I do?
thanks a lot!
-
Never miss a thing. Make Yahoo your homepage.
On Fri, Jan 11, 2008, Meurer, Jerry L. (STL) wrote:
> I'm getting an error attempting to create a p12 file using OpenSSL. I
> can't seem to find anything that will lead me to a resolution. The
> error I'm getting is:
> "unable to get local issuer certificate getting chain"
>
> My setup is on a
Anil -
Unfortunately, I am not intimately familiar with what OpenSSL has
implemented. I know that we (Cisco) has been trying to negotiate the
minefield I talked about earlier for the better part of a year, but is still
working through it. I do know that when I talked with Certicom at the last
RSA
Hi Bob,
I have received so many mails from open-ssl users about this issue. Really
thanks for the information. After going through the mails and some
documentation about the Certicom patents, I understand that Certicom has more
patents in "efficient" implemenation of ECC and not in a way how w
I'm getting an error attempting to create a p12 file using OpenSSL. I
can't seem to find anything that will lead me to a resolution. The
error I'm getting is:
"unable to get local issuer certificate getting chain"
My setup is on a Windows server using Tomcat, with Apache. Apache
listening on 80,
On Fri, Jan 11, 2008, Victor Duchovni wrote:
> On Fri, Jan 11, 2008 at 07:28:00PM +0100, Dr. Stephen Henson wrote:
>
> > On Fri, Jan 11, 2008, Rodney Thayer wrote:
> >
> > >
> > > I wonder if apache-ssl supports ECC...
> > >
> >
> > Apache currently has algorithm specific code for keys and cert
On Fri, Jan 11, 2008 at 07:28:00PM +0100, Dr. Stephen Henson wrote:
> On Fri, Jan 11, 2008, Rodney Thayer wrote:
>
> >
> > I wonder if apache-ssl supports ECC...
> >
>
> Apache currently has algorithm specific code for keys and certificates with
> only RSA and DSA included as standard. That mean
On Fri, Jan 11, 2008, Rodney Thayer wrote:
>
> I wonder if apache-ssl supports ECC...
>
Apache currently has algorithm specific code for keys and certificates with
only RSA and DSA included as standard. That means each new public key
algorithm needs to be added as a special case.
Steve.
--
Dr S
On Fri, Jan 11, 2008 at 08:41:23AM -0800, Rodney Thayer wrote:
> That's great. I wonder what they tested it with. Probably
> the OpenSSL s_server tool ;-)
>
> I wonder if apache-ssl supports ECC...
If it uses OpenSSL, and is linked against 0.9.9 (i.e. not yet), then
ECDSA support requires no n
The OpenSSL DTLS implementation was significantly improved for 0.9.8f;
it had some serious bugs in 0.9.8e (including a security advisory). You
are recommended to use at least 0.9.8f for DTLS. See the 12-Oct-2007
Security Advisory note at http://openssl.org/ and the 0.9.8f and g
release note
[EMAIL PROTECTED] wrote:
Hello,
Does 'openssl s_server' support this? Are there public ECC TLS
implementations this is known to interoperate with?
You may look at Firefox source (NSS library).
In Firefox (2.0) you may view/control ssl ciphersuites entering
"about:config" url and next "ssl" as a
Prakash Kamath wrote:
My opinion: 2 times 2 = 4 no matter what approach you take, and so no one
can sue you to doing that Math. However, if someone comes up with a math
logic (software, hardware, combo, whatever) that does the same operation in
a superior way, then that is patentable.
I person
Larry Bugbee wrote:
I'm seeing vendors
beginning to support ECC, and a couple of CAs discussing and preparing
their CPs.
who? got names you can mention in public?
Our challenge as developers is to understand and be ready.
My point is that we've been in "get ready for ECC" mode since at le
Victor Duchovni wrote:
On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
Does 'openssl s_server' support this? Are there public ECC TLS
implementations this is known to interoperate with?
OpenSSL s_server is a test tool, not an application. In 0.9.9 snapshot
builds, s_server sup
Victor Duchovni wrote:
OpenSSL s_server is a test tool, not an application.
openssl the program, as built in the 'apps' directory of the openssl
source tree, is a test tool APPLICATION that has been used for almost
a decade to debug and interop test other (mostly commercial) TLS
implementatio
To summarize ECDH_compute_key, you provide a pointer to one party's EC
public Key, a pointer to another party's EC private key, and a pointer
to a hashing routine and the function will compute a shared secret
value.
However, there is much more to key exchange than merely understanding
how to use t
Hello,
> I have used ssldump tool. However I need to implement the logging
capability in my
> application. For example, if the application recieves a particular
Alert message , the
> application should dump all the messages that were exchanged for that
particular handshake.
You may set mes
It's planned to possibly use OpenSSL's DTLS1 to secure connections in
the DarkPlaces quake engine (possible purposes include nick name
certificates to protect against imposters, protection against packet
injection and a mutual player/clan trust system, server console access
authentication).
I unde
Hi,
There is not enough documentation on the usage of ECDH_compute_key.
Can anyone please help me in understanding its usage?
Also, it would be great if someone could point me to the usage of the
ECC API. I am basically interested in:
- the shared key generation using the provided public key and
Hi,
I read on the site
http://fixunix.com/openssl/157270-exception-ssleay32-dll.html there is some
one with the problem that i have.
windowsXp sp2 with all hotfixes and updates
perl 5.6
openSSL
package Crypt-SSLeay-0.53.tar.gz
when i start a test from the command line, i get a error
Hi all,
I have DTLS server/client model. My server is blocked in SSL_read.If
server received the packet from DTLS client how can I get the Client IP
infomation from SSL_read function.How to get the senders information from
SSL_read.
thanks in advance.
Regards
Prasanna.P.M.
Larsen & Toubro
Hi,
I have used ssldump tool. However I need to implement the logging
capability in my application. For example, if the application recieves a
particular Alert message , the application should dump all the messages that
were exchanged for that particular handshake.
Thanks,
Vicky
On 1/11/08
Hello,
> Does 'openssl s_server' support this? Are there public ECC TLS
> implementations this is known to interoperate with?
You may look at Firefox source (NSS library).
In Firefox (2.0) you may view/control ssl ciphersuites entering
"about:config" url and next "ssl" as a filter word.
Next you m
Hi there,
On Fri, 11 Jan 2008, Vicky Ven wrote:
> I need to the capture the SSL handshake messages between my client
> application and server.
> How do we dump detailed SSL Handshake messages? Does OpenSSL offer some
> means?
Depends on your platform.
Try tcpdump if you have something that offe
Hi,
I need to the capture the SSL handshake messages between my client
application and server.
How do we dump detailed SSL Handshake messages? Does OpenSSL offer some
means?
Thanks,
Vicky
Hi there,
On Thu, 10 Jan 2008, Rodney Thayer wrote:
> As far as I'm concerned...
Your analysis was very helpful. Thanks very much.
--
73,
Ged.
__
OpenSSL Project http://www.openssl.org
User Sup
29 matches
Mail list logo
