error:0200274D:system library:connect:reason(1869)?

2009-09-23 Thread gary clark
Hello, I am receiving a 0200274D error when attempting to connect to a linux server. 274D=10061 ECONNREFUSED. Not sure what the reason is 1869? could somebody please tell me. Much appreciated in advance. Thanks, Garyc

RE: verify client certificate at a later point

2009-09-23 Thread Ashish Thapliyal
Hi Michael, I have not implemented a rehandshake but as I understand, it can be pretty complicated. Searching for "OpenSSL rehandshake" on google pointed me to this article (http://www.rtfm.com/openssl-examples/part2.pdf) by Eric Rescorla, describing the rehandshake in detail. Hope this he

RE: generating RSA keypair with non-standard public exponents

2009-09-23 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Klaus Heinrich Kiwi > Sent: Wednesday, 23 September, 2009 15:59 > I noted that when generating a RSA public key pair using a > non-standard public exponent (particularly, 65538, or 0x01, > 0x00,0x02), the RSA_generate_key never returns, and th

Re: verify client certificate at a later point

2009-09-23 Thread Michael Prinzinger
Dear Victor, On Wed, Sep 23, 2009 at 11:33 PM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > On Wed, Sep 23, 2009 at 10:43:11PM +0200, Michael Prinzinger wrote: > > "Certificates" are useless without corresponding signed messages. What > messages are signed by the private key of t

generating RSA keypair with non-standard public exponents

2009-09-23 Thread Klaus Heinrich Kiwi
I noted that when generating a RSA public key pair using a non-standard public exponent (particularly, 65538, or 0x01, 0x00,0x02), the RSA_generate_key never returns, and the program keeps using 100% CPU until I kill it. My question is: Is this behavior expected? If some non-standard publ. ex

Re: verify client certificate at a later point

2009-09-23 Thread Victor Duchovni
On Wed, Sep 23, 2009 at 10:43:11PM +0200, Michael Prinzinger wrote: > I am trying to establish a routing path for an anonymity protocol ( > http://en.wikipedia.org/wiki/Phantom_Anonymity_Protocol). > This is a one way procedure: the node that wants to be anonymized selects a > couple of other node

Re: verify client certificate at a later point

2009-09-23 Thread Michael Prinzinger
Thank you Ashish for your answer! On Wed, Sep 23, 2009 at 10:30 PM, Ashish Thapliyal < ashish.thapli...@citrix.com> wrote: > I set the following for the global context which is used to create the > connection: > > // Set the SSL certificate verify mode > > SSL_CTX_set_verify(_glo

Re: verify client certificate at a later point

2009-09-23 Thread Michael Prinzinger
Thank you for your answer Victor, I am trying to establish a routing path for an anonymity protocol ( http://en.wikipedia.org/wiki/Phantom_Anonymity_Protocol). This is a one way procedure: the node that wants to be anonymized selects a couple of other nodes and sends an array with setup packages (

RE: verify client certificate at a later point

2009-09-23 Thread Ashish Thapliyal
I set the following for the global context which is used to create the connection: // Set the SSL certificate verify mode SSL_CTX_set_verify(_globalContext, SSL_VERIFY_PEER, NULL); Then the server requests the peer (i.e. the client) for a certificate during the handshake, which t

Re: verify client certificate at a later point

2009-09-23 Thread Victor Duchovni
On Wed, Sep 23, 2009 at 10:04:48PM +0200, Michael Prinzinger wrote: > and let the client verify the server's certificate, like this > > X509* x509 = SSL_get_peer_certificate(s); > > CHECK(x509 != NULL); > > > > //check certificate > > long certVerifyResults = SSL_get_verify_resul

verify client certificate at a later point

2009-09-23 Thread Michael Prinzinger
Dear OpenSSL group, I have a somewhat curious setting (without CAs) about routing information along several nodes: [1] first an unknown client establishes a connection to a known server thus I set SSL_CTX_set_verify(this->ctx, SSL_VERIFY_NONE, NULL); > and let the client verify the server's c

Re: SSL_set_tlsext_host_name and IDN

2009-09-23 Thread Victor Duchovni
On Thu, Sep 24, 2009 at 01:00:34AM +1000, Daniel Black wrote: > On Wednesday 23 September 2009 13:25:09 Victor Duchovni wrote: > > On Wed, Sep 23, 2009 at 11:03:55AM +1000, Daniel Black wrote: > > > Should SSL_set_tlsext_host_name convert the domain name to ACE as per > > > RFC4366 3.1 where it ta

Re: SSL_set_tlsext_host_name and IDN

2009-09-23 Thread Daniel Black
On Wednesday 23 September 2009 13:25:09 Victor Duchovni wrote: > On Wed, Sep 23, 2009 at 11:03:55AM +1000, Daniel Black wrote: > > Should SSL_set_tlsext_host_name convert the domain name to ACE as per > > RFC4366 3.1 where it talks about IDNA (RFC 3490)? > > On the wire, domain names are always of

Re: FIPS capable openssl X509_get_pub_key

2009-09-23 Thread Dr. Stephen Henson
On Wed, Sep 23, 2009, Pankaj Aggarwal wrote: > Ok !! > > Stephen, Could you tell me which RSA Sign Verify functions are available in > fips mode. The FIPS 140-2 Annexure A states that RSASSA-PKCS1-v1_5 and > RSASSA-PSS contained within PKCS#1 v2.1 can be used for sign/verify. What > are the corre

openssl and PIC

2009-09-23 Thread nbjacenty
Hello. In my shared library project I utilize during linking some compiled .o files, some static .a libraries and some shared .so libraries. One of the utilized libraries is openssl. When I use openssl as a shared library, my resulting library has no TEXTREL section and that is what I want. When I use ope

Re: FIPS_mode_set(1) - FIPS_mode_set(0) - FIPS_mode_set(1)

2009-09-23 Thread Mike Trent
This is a problem for us with FIPS module 1.2.0. wolfoftheair wrote: > > Is this still present in FIPS module 1.2.0? > > -Kyle H > > On Mon, Aug 24, 2009 at 11:55 AM, Mike Trent > wrote: >> >> >> >> Mike Trent wrote: >>> >>> It seems that after setting FIPS mode off one cannot set it back on