Re: Don't want to use openssl's CA bundle; want to use my own. What are my options

2009-03-18 Thread Rodney McDuff
Hi Kyle. Kyle Hamilton wrote: > OpenSSL does not distribute a CA bundle anymore. What is your > OS/vendor? What is the name of the file that it was actually > validating against, including full pathname? > > Which version of OpenSSL are you working with, also? > On my centos 5.2 the bundle is

RE: multiple nameConstraints

2009-03-18 Thread David Schwartz
> I'm trying to create a sub-ca with name constraints for website > certificate generation with the effect that sub-ca can sign only certs > for *.mydomain.com, i.e. anything ending in .mydomain.com > thanks > stephen You should be aware that, unfortunately, this is only possible in a controlled

Re: TLS, BIOs, SSL_read/write

2009-03-18 Thread Ger Hobbelt
On Wed, Mar 18, 2009 at 7:40 PM, Nate Leon wrote: > All good points. I was not planning to go to production with that > code - I was just happy to see something working. :) > I was trying to figure out a way to call SSL_set_bio once per session > with both read and write buffers, but I am stumped

Re: multiple nameConstraints

2009-03-18 Thread Bruce Stephens
Stephen Lewis writes: [...] > - Is it possible to specify a dirName nameConstraint that allows CN to > contain *.mydomain.com where * is anything but not allow CN = anything > that does not end in .mydomain.com ? I don't think that's possible (independent of what's expressible in openssl.cnf).

multiple nameConstraints

2009-03-18 Thread Stephen Lewis
Hi I'm trying to create a sub-ca with name constraints for website certificate generation with the effect that sub-ca can sign only certs for *.mydomain.com, i.e. anything ending in .mydomain.com I'm trying to do this using the nameConstraints extension. I find that if I specify a single name
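An openssl.cnf extension section for the sub-CA described in this thread, as an added example that is not part of the thread or of OpenSSL's shipped configuration; the section name v3_subca_mydomain and the file name openssl.cnf are my own choices. The root applies it when it signs the sub-CA request.

```ini
# Extensions for the sub-CA certificate, applied by the root when signing the
# sub-CA's request, for example:
#   openssl x509 -req -in subca.csr -CA root.pem -CAkey root.key -CAcreateserial \
#       -extfile openssl.cnf -extensions v3_subca_mydomain -out subca.pem
[ v3_subca_mydomain ]
basicConstraints       = critical, CA:TRUE, pathlen:0
keyUsage               = critical, keyCertSign, cRLSign
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid:always
# permitted;DNS: is the only subtree allowed for dNSName entries, so a leaf
# carrying www.notmydomain.com is rejected by any validator that honours the
# extension. The leading dot makes OpenSSL accept only names with labels to
# the left of it (www.mydomain.com, a.b.mydomain.com), not mydomain.com
# itself; drop the dot if the apex must be issuable too. Marked critical so
# a validator that does not understand the extension rejects the chain
# instead of silently ignoring the restriction.
nameConstraints        = critical, permitted;DNS:.mydomain.com
```

Two caveats a practitioner will want. The DNS subtree binds the dNSName entries of the subject alternative name (whether a CN that looks like a hostname is also checked depends on the validator), so issue leaf certificates with the host in a dNSName SAN rather than relying on the CN. And a name form for which no permitted or excluded subtree is given (email, IP address, directory name) stays unconstrained, so add subtrees for those too if the sub-CA must not issue them. Either way a client that ignores nameConstraints will accept whatever the sub-CA signs.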

RSASSA-PSS Signature Question

2009-03-18 Thread Joe Percival
How can I create and verify an RSASSA-PSS signature using openssl command line? I have searched for any documentation and/or tutorial on the subject and have come up empty handed. I need to be able to set the hash function and Mask Generation Function to digest functions available under openss

RE: Using openssl to test SSL on Windows 2008/IIS7

2009-03-18 Thread David Schwartz
> Francois - > > Thanks for your reply. > > On the source (where I am running openssl client): > - The windows firewall is disabled (I have no other software > based firewall > software loaded) > - I can connect to other (non-windows 2008/iis7) destination servers > properly using the openssl clie

RE: facing problem in PEM_read_bio_RSA_PUBKEY

2009-03-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Nagalakshmi Rajamoorthy > Sent: Wednesday, 18 March, 2009 09:55 > #include#include#include#include enssl/bio.h>void > {decrypt_key()unsignedcharpub_key[]={"-BEGIN PUBLIC KEY-mykey > here-END PUBLIC KEY-n"}; { > RSA *rsa_key=NULL;

Re: help to implement DTLS record protocol - Beginner

2009-03-18 Thread Michael Tüxen
Hi, DTLS is already implemented in openssl-0.9.8j. We have done some testing and found a couple of bugs which were fixed by Robin. These patches are available at http://sctp.fh-muenster.de/dtls-patches.html Robin also prepared some example programs which are available at http://sctp.fh-muenster.

RE: Using openssl to test SSL on Windows 2008/IIS7

2009-03-18 Thread Brad Baker
Francois - Thanks for your reply. On the source (where I am running openssl client): - The windows firewall is disabled (I have no other software based firewall software loaded) - I can connect to other (non-windows 2008/iis7) destination servers properly using the openssl client On the destina

facing problem in PEM_read_bio_RSA_PUBKEY

2009-03-18 Thread Nagalakshmi Rajamoorthy
hi, Here is my code #include#include#include#includevoid {decrypt_key()unsignedcharpub_key[]={"-BEGIN PUBLIC KEY-mykey here-END PUBLIC KEY-n"}; { RSA *rsa_key=NULL; { RSA_public_decrypt(data_size, data, dst, rsa_key, RSA_PKCS1_PADDING); printf( RSA_free(rsa_key); } BIO_free(bi

help to implement DTLS record protocol - Beginner

2009-03-18 Thread itians
I am an openssl beginner. I want to implement the DTLS record protocol in openssl-0.9.8j. After establishing the handshaking using another protocol the aim is to send records over udp using DTLS. Being a newbie I am finding it very hard to understand how to get started. I understand that sufficien

RE: TLS, BIOs, SSL_read/write

2009-03-18 Thread Nate Leon
All good points. I was not planning to go to production with that code - I was just happy to see something working. :) I was trying to figure out a way to call SSL_set_bio once per session with both read and write buffers, but I am stumped there since this call: m_bioMem = BIO_new_mem_buf(encry

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Dr. Stephen Henson
On Wed, Mar 18, 2009, Carter Browne wrote: > You need to look at your data to see how the bytes are swapped: > 3 common patterns: > > 1) Even and odd bytes are swapped > 2) The data was treated as 32 bit, one system is little-endian and the > other big-endian. > 3) The entire buffer is reversed.

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Carter Browne
You need to look at your data to see how the bytes are swapped: 3 common patterns: 1) Even and odd bytes are swapped 2) The data was treated as 32 bit, one system is little-endian and the other big-endian. 3) The entire buffer is reversed. Assume pcBuffer is the char * pointer to your data, uiLen
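The three patterns above, as an added example that is not part of Carter Browne's post, of OpenSSL or of CryptoAPI: each is an in-place transform, and detect_pattern() tries all of them against two signatures of the same data so you can see which one the other side applied instead of eyeballing hex dumps. The two 8-byte buffers are constructed stand-ins for real signatures, which are as long as the RSA modulus. For the case in this thread the expected answer is pattern 3: Microsoft CryptoAPI's CryptSignHash returns the signature with its bytes in the reverse order of what OpenSSL's RSA_sign produces, and since every pattern here is its own inverse, applying the detected transform to the CryptoAPI output converts it to OpenSSL order.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Pattern 1: swap each pair of adjacent bytes (16-bit byte order).
 * A trailing odd byte is left where it is. */
void swap_adjacent_bytes(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i + 1 < len; i += 2) {
        unsigned char t = buf[i];
        buf[i] = buf[i + 1];
        buf[i + 1] = t;
    }
}

/* Pattern 2: reverse the byte order inside each 32-bit word.
 * A trailing partial word is left where it is. */
void swap_words32(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i + 3 < len; i += 4) {
        unsigned char t = buf[i];
        buf[i] = buf[i + 3];
        buf[i + 3] = t;
        t = buf[i + 1];
        buf[i + 1] = buf[i + 2];
        buf[i + 2] = t;
    }
}

/* Pattern 3: reverse the whole buffer, so byte 0 becomes byte len-1. */
void reverse_buffer(unsigned char *buf, size_t len)
{
    for (size_t i = 0, j = len; i + 1 < j; i++, j--) {
        unsigned char t = buf[i];
        buf[i] = buf[j - 1];
        buf[j - 1] = t;
    }
}

/* Apply pattern 0 (no change), 1, 2 or 3 in place. All three transforms are
 * their own inverse, so applying the same pattern again converts back.
 * Returns 0 on success, -1 for an unknown pattern number. */
int apply_pattern(int pattern, unsigned char *buf, size_t len)
{
    switch (pattern) {
    case 0: return 0;
    case 1: swap_adjacent_bytes(buf, len); return 0;
    case 2: swap_words32(buf, len); return 0;
    case 3: reverse_buffer(buf, len); return 0;
    default: return -1;
    }
}

#define MAX_SIG_LEN 1024   /* enough for an 8192-bit RSA signature */

/* Given two signatures over the same data and of the same length, report
 * which pattern turns 'ours' into 'theirs': 0 identical, 1..3 as above,
 * -1 if none fits (then the difference is not a byte-order problem).
 * Patterns are tried in order, so for very short buffers where two
 * patterns coincide (len 2: 1 and 3; len 4: 2 and 3) the lower is reported. */
int detect_pattern(const unsigned char *ours, const unsigned char *theirs, size_t len)
{
    unsigned char tmp[MAX_SIG_LEN];
    if (len > sizeof tmp)
        return -1;
    for (int p = 0; p <= 3; p++) {
        memcpy(tmp, ours, len);
        apply_pattern(p, tmp, len);
        if (memcmp(tmp, theirs, len) == 0)
            return p;
    }
    return -1;
}

/* Constructed 8-byte stand-ins for an OpenSSL RSA_sign output and the
 * CryptoAPI CryptSignHash output for the same hash; real signatures are as
 * long as the RSA modulus (256 bytes for 2048-bit RSA). */
static const unsigned char openssl_sig[8] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
static const unsigned char capi_sig[8]    = {0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01};

/* Detect the pattern on the sample pair; returns 3 for these samples. */
int sample_pattern(void)
{
    return detect_pattern(openssl_sig, capi_sig, sizeof openssl_sig);
}

int main(void)
{
    unsigned char fixed[8];
    int p = sample_pattern();
    printf("CryptoAPI signature differs from OpenSSL by pattern %d\n", p);
    if (p > 0) {
        memcpy(fixed, capi_sig, sizeof fixed);
        apply_pattern(p, fixed, sizeof fixed);   /* undo it: same transform again */
        printf("after conversion matches OpenSSL: %s\n",
               memcmp(fixed, openssl_sig, sizeof fixed) == 0 ? "yes" : "no");
    }
    return 0;
}
```

In a real program the two inputs to detect_pattern() are the RSA_sign output and the CryptSignHash output over the same digest with the same key; once the pattern is known, the conversion is a single apply_pattern() call on whichever side's buffer you need in the other side's order.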

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Goblin_Queen
Yes, I know that, but I don't know how to do that in code. I've found the following post: http://stackoverflow.com/questions/105252/how-do-i-convert-between-big-endian-and-little-endian-values-in-c http://stackoverflow.com/questions/105252/how-do-i-convert-between-big-endian-and-little-endian-valu

Re: building OpenSSL using MinGW

2009-03-18 Thread Victor B. Wagner
On 2009.03.18 at 14:08:24 +0300, mb0 wrote: > Hello, > > I'm trying to build openssl-0.9.8j using MinGW compiler on WindowsXP 32bit. > use command: > ms\mingw32 > > During build process ssleay32.dll is not created. > Only libeay32, libssl32 > > BUT if build using Visual Studio, all 3 dll libraries

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Dr. Stephen Henson
On Wed, Mar 18, 2009, Goblin_Queen wrote: > > Thanks for your reply, I had thought of that too because my search lead me to > such an answer. How can I convert a char* from big endian to little endian? > I googled for conversion examples but I only found conversions for int. I > know this is prob

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Goblin_Queen
Thanks for your reply, I had thought of that too because my search lead me to such an answer. How can I convert a char* from big endian to little endian? I googled for conversion examples but I only found conversions for int. I know this is probably a stupid question, but I'm still learning C++.

building OpenSSL using MinGW

2009-03-18 Thread mb0
Hello, I'm trying to build openssl-0.9.8j using MinGW compiler on WindowsXP 32bit. use command: ms\mingw32 During build process ssleay32.dll is not created. Only libeay32, libssl32 BUT if build using Visual Studio, all 3 dll libraries are created. How to solve this problem? I need to build usin

Re: Don't want to use openssl's CA bundle; want to use my own. What are my options

2009-03-18 Thread Kyle Hamilton
OpenSSL does not distribute a CA bundle anymore. What is your OS/vendor? What is the name of the file that it was actually validating against, including full pathname? Which version of OpenSSL are you working with, also? -Kyle H On Tue, Mar 17, 2009 at 9:26 PM, Rodney McDuff wrote: > I am doi

Re: Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Dr. Stephen Henson
On Wed, Mar 18, 2009, Goblin_Queen wrote: > > Hello, > > I'm writing a program that has to sign a SHA1-hash value. I'm using OpenSSL > to do this. My program has to do the same thing as another program which > makes use of Microsoft Crypto API. In that program the method > "CryptSignHash" was us

Re: Using openssl to test SSL on Windows 2008/IIS7

2009-03-18 Thread Francois Dupressoir
Hi Brad, This looks like a windows socket issue. Error 10054 is "Connection reset by peer." You may have a firewall issue on windows 2008 that doesn't occur on the other servers and does not block https traffic. Cheers, Francois. Brad Baker wrote: I'm trying to use OpenSSL to connect to a

Difference between RSA_sign and CryptSignHash signature

2009-03-18 Thread Goblin_Queen
Hello, I'm writing a program that has to sign a SHA1-hash value. I'm using OpenSSL to do this. My program has to do the same thing as another program which makes use of Microsoft Crypto API. In that program the method "CryptSignHash" was used in order to sign the hash value. When I try to sign a

Using openssl to test SSL on Windows 2008/IIS7

2009-03-18 Thread Brad Baker
I'm trying to use OpenSSL to connect to an IIS7 site hosted on a Windows 2008 server: openssl s_client -host server.domain.com -port 443 I'm getting the following error: Loading 'screen' into random state - done CONNECTED(00D8) write:errno=10054 The same command works fine on an II

RE: PBE Key creation

2009-03-18 Thread brechmos
Thanks, that was helpful. Dave Thompson-4 wrote: > >> From: owner-openssl-us...@openssl.org On Behalf Of brechmos >> Sent: Thursday, 12 March, 2009 17:55 > >> Yeah, I appreciate that. >> >> What I can't see in the docs is how the key and IV is defined from the >> password and if I can do that