RE: PKI with openssl online

2010-01-15 Thread Abbass Marouni
Thanks for the info.. I have a small project with OpenSSL and we chose to work with PKI. We made a CA, generated certificates and implemented them. We need to do some more stuff, any suggestions..?? We thought of online CA but it seems to be difficult to implement... : ) so

Re: PKI with openssl online

2010-01-15 Thread John R Pierce
Kyle Hamilton wrote: I truly, truly wish that people would stop thinking themselves into the "crypto box". A CA needs to be only as secure as the things that its certificates secure. In this case, if they're trying to create user authentication certificates for their customers so that they can

RE: Issues generating Certs for Office Communications Server 2007

2010-01-15 Thread Rausch, Michael
Thanks. Yes I have made sure they are all in there. The certificate in question reads out something like: subject name: servername.subdomain.domain.com SAN#1: servername.subdomain.domain.com SAN#2: servername.domain.com SAN#3: servername SAN#4: sip.domain.com SAN#5: sip.subdomain.domain.com Do

Re: Issues generating Certs for Office Communications Server 2007

2010-01-15 Thread Kyle Hamilton
The only thing special about OCS certificates is that they must contain all the names -- including all possible fully-qualified domain names -- that the server can be accessed by in the subjectAlternativeName extension. This is the most common reason for this error (and the 'help text' in the erro

Issues generating Certs for Office Communications Server 2007

2010-01-15 Thread Rausch, Michael
I have an Office Communications Server 2007 and an OpenSSL CA (which is actually managed by a different group). Using the OCS Certificate Wizard I have been generating requests, but the Certificates I get back, while importing into the server without issue, are not trusted by the Communicator c

Re: Detecting TLS/SSL connection

2010-01-15 Thread Victor Duchovni
On Fri, Jan 15, 2010 at 04:11:04PM -0500, Adam Grossman wrote: > A simpler question might be (hopefully), is after i call "SSL_accept", > is there a way to retrieve all the raw data which was read in by > SSL_accept? Don't call SSL_accept() unless you know that the client's first message is an SS

Issues generating Certs for Office Communications Server 2007

2010-01-15 Thread Rausch, Michael
I have an Office Communications Server 2007 and an OpenSSL CA (which is actually managed by a different group). Using the OCS Certificate Wizard I have been generating requests, but the Certificates I get back, while importing into the server without issue, are not trusted by the Communicator c

Re: Detecting TLS/SSL connection

2010-01-15 Thread Adam Grossman
A simpler question might be (hopefully), is after i call "SSL_accept", is there a way to retrieve all the raw data which was read in by SSL_accept? thanks, -=- adam grossman On Fri, 2010-01-15 at 11:51 -0500, Victor Duchovni wrote: > On Fri, Jan 15, 2010 at 10:57:35AM -0500, Adam Grossman wrote:

pass external data during handshake

2010-01-15 Thread Josselin Jacquard
Hi, I'm wondering if there is a way to pass on external application data during a handshake, without putting it into the x509 cert, because I don't want to sign it every time I change the ex data. I've got multiple server instances running at once on the same address, and the client chooses to contac

Re: PKI with openssl online

2010-01-15 Thread Kyle Hamilton
I truly, truly wish that people would stop thinking themselves into the "crypto box". A CA needs to be only as secure as the things that its certificates secure. In this case, if they're trying to create user authentication certificates for their customers so that they can have the full benefits

Fw: How to generate a certificate with multiple OCSP URL

2010-01-15 Thread rakesh aggarwal
Hello, Please ignore my previous mail. I have to generate a certificate with multiple OCSP URLs in the Authority Information Access section of the certificate. I have generated a certificate with a single URL value using the following entry in the configuration: authorityInfoAccess = 1.3.6.1.5.5.7.48.1

How to generate a certificate with multiple OCSP URL

2010-01-15 Thread rakesh aggarwal
Hello, I have to generate a certificate with multiple OCSP URLs in the Authority Information Access section of the certificate. I have generated a certificate with a single URL value using the following entry in the configuration: authorityInfoAccess = 1.3.6.1.5.5.7.48.1;URI:http://localhost:16916 which put f

Re: Detecting TLS/SSL connection

2010-01-15 Thread Victor Duchovni
On Fri, Jan 15, 2010 at 10:57:35AM -0500, Adam Grossman wrote: > Is there a way i can detect if the incoming connection is not SSL/TLS > (not encrypted) and then retrieve what has been read in already. i will > then use standard read/write to handle the unsecure connection? i know > that sounds l

Detecting TLS/SSL connection

2010-01-15 Thread Adam Grossman
hello, Is there a way i can detect if the incoming connection is not SSL/TLS (not encrypted) and then retrieve what has been read in already. i will then use standard read/write to handle the unsecure connection? i know that sounds like a bad idea, but i have requirements to do this... thank you

Re: PKI with openssl online

2010-01-15 Thread John R Pierce
Abbass Marouni wrote: I have a project, in which I am asked to implement an online Certificate Authority. we will be using website hosted in a free server.(Geocities,...). wasn't geocities shut down finally, after stagnating for the last decade? anyways, AFAIK, it never let you use any sort o