RE: Crash when using FIPS OpenSSL

2008-12-24 Thread Hagai Yaffe
Hello, After digging some more I saw that the cause of the problem was that the BIO callback function "b->method->bgets" that should have pointed to file_gets actually pointed to BIO_new_fp which obviously crashed my program. I don't know what caused this, but I can guess that this is related t

RE: Where to store client PEM certificates for an application

2008-12-24 Thread David Schwartz
> No, my risk model is to simply ascertain whether distributing the certs
> as files in the application directory is a serious security risk or not
> and, if it is, what steps can make it less so.

If it's a security risk, it's because something is broken someplace else. Why do you need to hide a

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Victor Duchovni wrote: On Wed, Dec 24, 2008 at 03:59:13PM -0500, Edward Diener wrote: I am working for an employer who will be selling a product to end users. The risk model is that my employer feels it would be bad if a hacker were able to easily understand where the client certs reside in the

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have th

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Kyle Hamilton wrote: On Wed, Dec 24, 2008 at 1:27 PM, Edward Diener wrote: Kyle Hamilton wrote: If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA f

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Victor Duchovni
On Wed, Dec 24, 2008 at 03:59:13PM -0500, Edward Diener wrote:
>
> I am working for an employer who will be selling a product to end users.
> The risk model is that my employer feels it would be bad if a hacker
> were able to easily understand where the client certs reside in the end
> user appl

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Kyle Hamilton
On Wed, Dec 24, 2008 at 1:27 PM, Edward Diener wrote:
> Kyle Hamilton wrote:
>>
>> If you're on Windows, it does make sense to include the PEMs for the
>> CA (and chain) in the application directory. (See, for example, the
>> software distribution of Second Life, which has its own CA for TLS
>> a

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Michael S. Zick
On Wed December 24 2008, Edward Diener wrote:
> Michael S. Zick wrote:
> > On Wed December 24 2008, Edward Diener wrote:
> >> In a client application communicating with a MySQL server, I am using
> >> SSL to encrypt/decrypt data sent to and from the database. This requires
> >> me to have the PEMs

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Kyle Hamilton wrote: If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA for TLS authentication of its own grid servers.) For client certificates, thou

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have the PEMs for the CA, client key, and client certificate distributed as pa

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Kyle Hamilton
If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA for TLS authentication of its own grid servers.) For client certificates, though, it depends. If it'

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Michael S. Zick
On Wed December 24 2008, Edward Diener wrote:
> In a client application communicating with a MySQL server, I am using
> SSL to encrypt/decrypt data sent to and from the database. This requires
> me to have the PEMs for the CA, client key, and client certificate
> distributed as part of the applicat

Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have the PEMs for the CA, client key, and client certificate distributed as part of the application. Of course these certificates will not work excep