Re: engine_pkcs11 and openssl.cnf

2010-04-16 Thread Dr. Stephen Henson
On Fri, Apr 16, 2010, Dimitrios Siganos wrote: > Dr. Stephen Henson wrote: >> On Fri, Apr 16, 2010, Dimitrios Siganos wrote: >> >>> Now, I would like this engine to install automatically i.e. without >>> having to run the engine command. I tried adding the following to >>> openssl.cnf >>> >>>

Re: openssl-1.0.0 compile issues on SUSE 10.1

2010-04-16 Thread John R Pierce
Jon Strait wrote: Please bear with me as I am in the midst of my crash-course in Linux upgrade management. in general, you do NOT want to be using source tarballs to replace/upgrade components of a package-managed distribution. SuSE Enterprise Linux 10 has their own upgrade management proc

Re: engine_pkcs11 and openssl.cnf

2010-04-16 Thread Dimitrios Siganos
Dr. Stephen Henson wrote: On Fri, Apr 16, 2010, Dimitrios Siganos wrote: Now, I would like this engine to install automatically i.e. without having to run the engine command. I tried adding the following to openssl.cnf ## openssl_conf = openssl_def [ openssl_def ] e

Re: openssl-1.0.0 compile issues on SUSE 10.1

2010-04-16 Thread Antoine Pitrou
On Friday, 16 April 2010 at 10:47 -0700, Jon Strait wrote: > Please bear with me as I am in the midst of my crash-course in Linux > upgrade management. > > > I am trying to upgrade from openssl-0.9.8 to openssl-1.0.0 on SUSe > 10.1 32bit with HP dl380's. Why do you? Your Linux distribution wi

openssl-1.0.0 compile issues on SUSE 10.1

2010-04-16 Thread Jon Strait
Please bear with me as I am in the midst of my crash-course in Linux upgrade management. I am trying to upgrade from openssl-0.9.8 to openssl-1.0.0 on SUSe 10.1 32bit with HP dl380's. I have used the following commands: ./config --prefix=usr make make test make install added /usr/lib to /etc/ld.

Re: engine_pkcs11 and openssl.cnf

2010-04-16 Thread Dr. Stephen Henson
On Fri, Apr 16, 2010, Dimitrios Siganos wrote: > Hi, > > I have use openssl-1.0.0 and engine_pkcs11 for storing an rsa private key > in a smartcard (feitian epass 3000). I got openssl to access the rsa > private key and used it to create a self-signed certificate like this: > > openssl > > OpenS

Re: Multi Threaded questions

2010-04-16 Thread Sad Clouds
Please note, I don't know the insides of OpenSSL, but I do a lot of multithreaded programming on Unix, so the following are not authoritative answers, just my own opinions: > 1) According to the FAQ, "an SSL connection may not concurrently be > used by multiple threads". Does this mean that an SSL

Re: unable to load private key

2010-04-16 Thread Dr. Stephen Henson
On Fri, Apr 16, 2010, digitalderik wrote: > > Hi there > I've copied and pasted an rsa private key that i need to use with openssl. > However when i run any commands that use the private key like the command: > $openssl rsautl -sign -in textfile -inkey privatekey.pem -out result.txt > i get: unab

unable to load private key

2010-04-16 Thread digitalderik
Hi there I've copied and pasted an rsa private key that i need to use with openssl. However when i run any commands that use the private key like the command: $openssl rsautl -sign -in textfile -inkey privatekey.pem -out result.txt i get: unable to load private key I've checked the line length of

Re: Openssl.cnf Issue

2010-04-16 Thread Victor Duchovni
On Fri, Apr 16, 2010 at 10:11:20AM +, Kaila, Ashish wrote: > Hi, > > I just built Openssl 1.0.0 on a Win32 platform, after building when > I try and run the binary openssl.exe I get a warning message "Cant > open Config file: /usr/local/ssl/openssl.cnf" , I don't have a sample > configuration

engine_pkcs11 and openssl.cnf

2010-04-16 Thread Dimitrios Siganos
Hi, I have use openssl-1.0.0 and engine_pkcs11 for storing an rsa private key in a smartcard (feitian epass 3000). I got openssl to access the rsa private key and used it to create a self-signed certificate like this: openssl OpenSSL> engine dynamic \ > -pre SO_PATH:/home/ds/local/lib/engine

How To Verify 128 Only Connections

2010-04-16 Thread Jeffrey Roller
I need to be certain that an application I am attempting to secure will only accept 128 bit connections. I have a config file called service.xml with the following: I do not know the openssl command to test a connection that is a low cipher ... or rather, I don't really know how to interpr

Multi Threaded questions

2010-04-16 Thread Chris Troop
Hi, We're currently using OpenSSL 0.9.7 in a multi threaded CORBA application and are experiencing some problems implementing the locking and thread_id callbacks. We're using 0.9.7 because it's required by other components of the application. 1) According to the FAQ, "an SSL connection ma

Re: FIPS 140-2 post 2010

2010-04-16 Thread Steve Marquess
Adam Grossman wrote: hello, from my understanding, the US government can not buy a FIPS 140-2 compliant product after 2010. But my employer spoke to someone who said they can still purchase a FIPS 140-2 validated product as long as they are "transitionally" compliant by only using cryptographic

FIPS 140-2 post 2010

2010-04-16 Thread Adam Grossman
hello, from my understanding, the US government can not buy a FIPS 140-2 compliant product after 2010. But my employer spoke to someone who said they can still purchase a FIPS 140-2 validated product as long as they are "transitionally" compliant by only using cryptographic algorithms that have s

[FWD] openssl-0.9.8 make error

2010-04-16 Thread Lutz Jaenicke
Forwarded to openssl-users for public discussion. Best regards, Lutz - Forwarded message from ?? -

Openssl.cnf Issue

2010-04-16 Thread Kaila, Ashish
Hi, I just built Openssl 1.0.0 on a Win32 platform, after building when I try and run the binary openssl.exe I get a warning message "Cant open Config file: /usr/local/ssl/openssl.cnf" , I don't have a sample configuration file. What is the impact if I use any sample configuration file which I

Re: Information wanted on OpenSSL cipher alias HIGH, MEDIUM and LOW.

2010-04-16 Thread Dr. Stephen Henson
On Fri, Apr 16, 2010, Bhat, Jayalakshmi Manjunath wrote: > Hi Sandeep and Adam Langley, > > Thank you very much. But I did not find where the aliases LOW,MEDIUM and > HIGH are defined. I wanted to know where they are defined in OpenSSL? > Don't send this to openssl-dev it is a users question.

Re: Problem building OpenSSL version 1.0.0 using no-tlsext flag

2010-04-16 Thread Kaila, Ashish
Hi Steve, I get that maybe compilation is made problematic to prevent "no-tlsext" to be used, but what I think is why is it problematic only on Win32 and Win64 systems, compilation with the "no-tlsext" flag is not problematic on an HPUX system, I was able to build it without any issues. On a

Re: Information wanted on OpenSSL cipher alias HIGH, MEDIUM and LOW.

2010-04-16 Thread Adam Langley
On Thu, Apr 15, 2010 at 1:15 AM, Bhat, Jayalakshmi Manjunath wrote: > I wanted to know when we use "ALL:!SSLv2:!EXPORT:!LOW:!MEDIUM:!DH" to select > the ciphers how do OpenSSL understands what are ciphers are available under > LOW and MEDIUM. Ssleay.txt documents names LOW,MEDIUM and HIGH as alias

RE: PKCS7 - SubjectKeyIdentifier CHOICE in SignerIdentifier fails?

2010-04-16 Thread Stef Hoeben
Hi, > If you use the CMS routines instead it should work OK. Yes, works fine with openssl-1.0.0, thx! It took me a while to figure it out due to the lack of samples, so attached is a basic sample program to parse the contents of an SOD file (a CMS-based file in the RFID chip on e-passports).

Using OpenSSL Offline

2010-04-16 Thread Brian Wilkins
Question - Can OpenSSL be used offline - meaning without an Internet connection to check if certs are valid with a CA? Thanks Brian