RE: Unable to load CRL

2010-01-07 Thread Radha krishna Meduri -X (radmedur - HCL at Cisco)
Hi Christian, Thank you for your reply. I already did that but no use - X509_CRL *pCRL=0, *pTempCRL = 0; pCRL = d2i_X509_CRL_fp( m_pfCRLFile, &pTempCRL ); if( !pCRL ) { printf("Unable to read using d2i_X509_CRL_fp\n"); rewind(m_pfCRLFile); pCRL = PEM_read

Re: Unable to load CRL

2010-01-07 Thread Christian Hohnstaedt
Hi, On Fri, Jan 08, 2010 at 11:42:39AM +0530, Radha krishna Meduri -X (radmedur - HCL at Cisco) wrote: > > > X509_CRL *pCRL=0, *pTempCRL = 0; > > pCRL = d2i_X509_CRL_fp( m_pfCRLFile, &pTempCRL ); > > if( !pCRL ) > { > printf("Unable to read using d2i_X509_CRL_fp\n"); /* Filepointer

RE: Unable to load CRL

2010-01-07 Thread Radha krishna Meduri -X (radmedur - HCL at Cisco)
Hi Experts, I am writing a simple standalone cpp program to read a CRL file but could not. Please correct me if I miss anything in the program... I am getting "Unable to read CRL file" as in the last printf statement. #include "openssl/ssl.h" #include "stdio.h" int main() { FILE* m_pfCRLFile=0; cons

Re: Re-negotiation handshake failed: Not accepted by client!?

2010-01-07 Thread Kyle Hamilton
On Thu, Jan 7, 2010 at 5:20 PM, Lou Picciano wrote: > Kyle, > > Meanwhile, as we now gird our loins for the impending reversion of many big > apps on our servers (only to re-implement updates when openSSL 0.0.8m > becomes available!), is there any tweaking of a simple SSL-enabled Apache > /Directo

Re: back trying to understand ECDHE

2010-01-07 Thread Victor Duchovni
On Thu, Jan 07, 2010 at 07:11:28PM -0800, Michael D wrote: > Hello, > Once again I am back trying to understand ECDHE. > > I would like to use openssl and s_server and s_client for my > trial and error testing. > > I have my notes on generating a key file, but I can't seem to > find my notes on

back trying to understand ECDHE

2010-01-07 Thread Michael D
Hello, Once again I am back trying to understand ECDHE. I would like to use openssl and s_server and s_client for my trial and error testing. I have my notes on generating a key file, but I can't seem to find my notes on starting s_client and s_server such that they do the elliptic curve diffie h

Re: Re-negotiation handshake failed: Not accepted by client!?

2010-01-07 Thread Lou Picciano
Kyle, Many thanks for your clarification of the problem. In fact, we've been following the renegotiation bug discussion with some interest - though with clearly insufficient 'attention'(sic)! We had understood this issue was being addressed by v0.9.8l, not introduced by it... Meanwhile, as w

Re: CRL Directory with DER crls

2010-01-07 Thread Shane Steidley
Ok I was close.  If anyone is interested, you can set up a directory of CRLs in DER format by making the following calls: X509_LOOKUP *lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_hash_dir()); X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_ASN1); After a little research I realized that X

Re: Re-negotiation handshake failed: Not accepted by client!?

2010-01-07 Thread Kyle Hamilton
Renegotiation is disabled in 0.9.8l due to the prefix-injection attack flaw that the IETF/TLS group just approved a draft standard to fix. I expect 0.9.8m to have the new renegotiation semantics enabled. Until then, you can go back to 0.9.8k -- just be aware that renegotiation cannot be performed

Re: Re-negotiation handshake failed: Not accepted by client!?

2010-01-07 Thread Carter Browne
SSL renegotiation was identified as a security hole in SSL processing. It is normally disabled in 0.9.8l. Carter Carter Browne CBCS cbro...@cbcs-usa.com 781-721-2890 Lou Picciano wrote: > Anyone have any ideas on this? > > Have recently updated an otherwise working environment to include > op

Re-negotiation handshake failed: Not accepted by client!?

2010-01-07 Thread Lou Picciano
Anyone have any ideas on this? Have recently updated an otherwise working environment to include openSSL v0.9.8l. Suddenly, mod_ssl is reporting: Re-negotiation handshake failed: Not accepted by client!? Other than a refresh of CRL, this configuration has been running AOK through openSSL 0.

memory growing when using SSL connections

2010-01-07 Thread David
Hi, I'm using tn3270 sessions running over SSL. I may have up to 124 sessions activated concurrently, although I plan to get up to 250 sessions at some point. Whenever the sessions are stopped and restarted, I notice intermittently that memory grows in multiples of 4K bytes. I'm running on

Re: Changing CSR Subject

2010-01-07 Thread Patrick Patterson
On January 6, 2010 12:19:53 pm Johannes Bauer wrote: > Patrick Patterson wrote: > > Check out the archives, and see my reply to Martine Schneider and David > > Schwartz from yesterday to the query: > > > > Sign CSR after modifying data in CSR possible? > > A, thanks! With "openssl ca" it's po