Re: Custom Fields in X.509 Certificate

2009-06-30 Thread So Gerald
you can try this: "Netscape Comment" 2009/6/30 Bruce Stephens > Martin Schneider writes: > > [...] > > > I want to include some kind of meta information into certificates, e.g. > > > > foo = x > > bar = y > > baz = z > > > > A collegue of mine recommended to use the "subject alternative name" >

/usr/share/ssl/CA/private

2009-06-30 Thread Arsen Hayrapetyan
Hello, I have openssl-0.9.7a-43.17.el4_6.1 installed on my system. There is a directory /usr/share/ssl/CA/private. What is this directory for? In default configuration file /usr/share/ssl/openssl.cnf I can see that this directory is not used for storing the private key (by default). So wh

Re: Custom Fields in X.509 Certificate

2009-06-30 Thread Bruce Stephens
Martin Schneider writes: [...] > I want to include some kind of meta information into certificates, e.g. > > foo = x > bar = y > baz = z > > A collegue of mine recommended to use the "subject alternative name" > extension > (http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternativ

Custom Fields in X.509 Certificate

2009-06-30 Thread Martin Schneider
Hello list, I'm not much into the details of X.509 certificates, so I please need a little "kick off" help. I want to include some kind of meta information into certificates, e.g. foo = x bar = y baz = z A collegue of mine recommended to use the "subject alternative name" extension (http://www

Re: No keyphrase asked when using CMS compression + signing

2009-06-30 Thread Willem Bos
By the way, I compiled version 1.0.0beta1 and beta2 with './config zlib-dynamic shared' and version 0.9.8k with './config zlib-dynamic shared enable-cms' Regards, Willem. On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos wrote: > Hi all, > > I'm trying to compress + sign + encrypt files using the foll

No keyphrase asked when using CMS compression + signing

2009-06-30 Thread Willem Bos
Hi all, I'm trying to compress + sign + encrypt files using the following command line : openssl cms -compress -sign -in datafile.txt -nodetach -signer signer.crt -inkey private.key -outform DER |\ openssl cms -encrypt -binary -des3 -outform DER -out datafile.txt.encrypted addressee.crt When I l

ssl accelerator cards

2009-06-30 Thread Teo Wei Min
Hi all, I was wondering if there is a list of ssl accelerator cards that support openssl? Also, could someone explain how the cards work exactly? Do the cards just take care of decryption of whatever data i send to it (via some api?) through a specified algo? Or it is configured to listen to some