> > I was thinking about an alternate solution, using blocking sockets,
> > and doing the connect on another thread. If the user cancels the
> > operation I'd close the socket (BIO_free) and I guess the connect
> > would return with an error and the thread would exit then. Seems a
> > little dirty
Just move the CA directory over and you'll be fine. X.509
certificates are designed for offline usage, rather than requiring a
connection to the authenticator (the CA) at all times.
-Kyle H
On Mon, Oct 27, 2008 at 3:13 PM, Chris de Vidal <[EMAIL PROTECTED]> wrote:
> Fast response! Thanks.
>
> O
Fast response! Thanks.
On Mon, Oct 27, 2008 at 4:49 PM, Victor Duchovni
<[EMAIL PROTECTED]> wrote:
> If you want to field a new root CA certificate, with a new subject ==
> issuer DN, all systems that trust the old CA cert will need to have the
> new CA cert added to the list of trusted root CAs
> I was thinking about an alternate solution, using blocking sockets,
> and doing the connect on another thread. If the user cancels the
> operation I'd close the socket (BIO_free) and I guess the connect
> would return with an error and the thread would exit then. Seems a
> little dirty but it co
On Mon, Oct 27, 2008 at 04:40:24PM -0400, Chris de Vidal wrote:
> We need to change the hostname of our CA. Actually, we'll be moving
> from CentOS 3.9 to Windows 2003, from built-in OpenSSL to XAMPP's
> OpenSSL. But it seems to me that the only difference that SSL clients
> will notice is the n
We need to change the hostname of our CA. Actually, we'll be moving
from CentOS 3.9 to Windows 2003, from built-in OpenSSL to XAMPP's
OpenSSL. But it seems to me that the only difference that SSL clients
will notice is the new hostname.
Anyone know how to do this?
--
Thanks,
Chris de Vidal
==
I have tls running on my machine on port 25 for SMTP. How do I switch between
non TLS mode and TLS mode on the same socket?
Steve
Michael S. Zick wrote:
> On Fri October 24 2008, David Schwartz wrote:
>>
> - - - -
>>
>> Notice how this assumes that if BIO_sock_error returns zero, the connection
>> completed? This is a bogus inference. The absence of an error just means the
>> connection attempt has not failed *yet* and tells
Hello,
Good day.
I am doing my master thesis on developing a framework for creating
secured intranet sites. I am using openssl for enabling https in my
framework. I have a problem in integrating openssl completely into my
framework. When I run an application developed based upon openSSL it
a
