On Thu, Jun 17, 2010 at 8:10 PM, Dave Thompson wrote:
There should be no technical problem signing a child cert with
a different keylength, or algorithm. It's even fairly common for
a child cert to have a smaller/weaker key than the CA. It's
somewhat silly for the child to be larger/stronger,
On 6/17/2010 10:10 PM, Dave Thompson wrote:
>> From: owner-openssl-us...@openssl.org On Behalf Of JC Yang
>> Sent: Wednesday, 16 June, 2010 23:53
>
>> Hi, I'm new to openssl. I've just compiled openssl with Visual C++
> 2008,
>> I've read the installation guide and added the
> From: owner-openssl-us...@openssl.org On Behalf Of JC Yang
> Sent: Wednesday, 16 June, 2010 23:53
> Hi, I'm new to openssl. I've just compiled openssl with Visual C++
2008,
> I've read the installation guide and added the debug command in the
mk1mf.pl
> line in do_mas
> From: owner-openssl-us...@openssl.org On Behalf Of Carroll, Diana C
> Sent: Tuesday, 15 June, 2010 19:36
> I have a scenario where a certificate was generated using a
> 2048-bit key, and was signed by a CA using a 1024-bit key.
> The certificate is verified "OK" by openSSL, however when
> at
Hi All,
Are there any plans to incororate IBM's patches (eg,
http://rt.openssl.org/Ticket/Display.html?id=782). Given its been 6 or
so years, the reason is probably not technical merits or difficulties.
Can anyone comment?
Thanks,
Jeff
Hi all,
I have two issues when I am trying to verify the certificates from an SSL
connection. In particular I have difficulties in understanding how to:
- Add a set of certificates that are to be trusted (trust anchors..)
- Add a set of certificates that might be needed to build the chain
(n
Hi all,
I have two issues when I am trying to verify the certificates from an SSL
connection. In particular I have difficulties in understanding how to:
- Add a set of certificates that are to be trusted (trust anchors..)
- Add a set of certificates that might be needed to build the chain
(no
Yeah i am doing the tweaking to go through errors, but my assumption was
that its a released code, so it should build without any error.
so i could be doing something wrong in terms of setting up environment, but
i am following the steps from Install.wce file.
On Thu, Jun 17, 2010 at 6:04 PM, Ger
On Thu June 17 2010, Harshvir Sidhu wrote:
> Thanks, on compile it generated the openssl1.0.0a\inc32 folder.
> I didnt tried compiling this before, as i was basically trying to compile
> openssh for windows and was referring to ssl headers for the same.
>
> Do anyone know if there is some working
Without having checked, so caveat emptor:
0)
answer final question: MSVC200x should do okay, generically speaking.
1)
The @90 error reads as if a (IMO hacky) local LoadLibraryA prototype line
mismatches with the official one; remove the one at 90 in the openssl source
file dso_win32.c, I'd say.
Hey,
I was trying to build the openssl library with the Visual Studio 2005
configurations for CE.
I am getting bunch of errors, first it gave error for standart C string
functions. I defined the macro _CRT_SECURE_NO_WARNINGS and it worked for
that.
Then i needed to define macro OPENSSL_SYSNAME_
Thanks, on compile it generated the openssl1.0.0a\inc32 folder.
I didnt tried compiling this before, as i was basically trying to compile
openssh for windows and was referring to ssl headers for the same.
Do anyone know if there is some working model of openssh for windows?
Thanks.
On Thu, Jun 17
On Thu, Jun 17, 2010, Niels Stevens wrote:
> Hey, the PKCS7_verify returns an error, but this error comes from the
> callback function used with the certificateStore.
> I'm getting the next error :
> certificate signature failure
> error:21075075:lib(33):func(117):reason(117)
>
That error stri
There is no such folder in there. Just openssl-1.0.0\include.
On Thu, Jun 17, 2010 at 12:45 PM, Warren, Daniel wrote:
> The headers are in openssl-1.0.0\inc32.
>
> Dan W.
>
> --
> *From:* owner-openssl-us...@openssl.org [mailto:
> owner-openssl-us...@openssl.org] *On
Hi all,
I have two issues when I am trying to verify the certificates from an SSL
connection. In particular I have difficulties in understanding how to:
- Add a set of certificates that are to be trusted (trust anchors..)
- Add a set of certificates that might be needed to build the chain
(not
Harshvir,
Include/openssl is populated with links during the make phase. It always
starts empty.
Ed
Ed James, Contractor ed.jam...@us.army.mil 703-588-8736-voice
703-693-7507-fax
ITA BSS/TCS
1777 North Kent Street, Suite 4100, Arlington, VA 22209
From: owner-openssl-us...
Hey, the PKCS7_verify returns an error, but this error comes from the callback
function used with the certificateStore.
I'm getting the next error :
certificate signature failure
error:21075075:lib(33):func(117):reason(117)
//X509_STORE setup.
int verify_callback(int ok, X509_ST
The headers are in openssl-1.0.0\inc32.
Dan W.
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Harshvir Sidhu
Sent: Thursday, June 17, 2010 12:01 PM
To: openssl-users@openssl.org
Subject: Missing Headers
I just downl
On Thu, Jun 17, 2010, Niels Stevens wrote:
> Hey I'm want to verify a S/MIME I stored in a INI file. I acces this ini file
> using QSettings, reading the PKCS7 isn't a problem. I checked the smime with
> dumpasn1 and their where no problem. I tested the verifiy code using boost
> libraries and
I just downloaded the openssl-1.0.0a, and all the header files in
include\openssl are empty.
I checked couple of old version also like 0.9.8o, n, m, all of them have
this folder empty.
Is there something i need to do get them?
// Harshvir
Hey I'm want to verify a S/MIME I stored in a INI file. I acces this ini file
using QSettings, reading the PKCS7 isn't a problem. I checked the smime with
dumpasn1 and their where no problem. I tested the verifiy code using boost
libraries and generated a S/MIME with the same certificate I used
Hi Steve
Thanks for the tip, will try it tomorrow.
Kind regards
Rolf (aka spieler67)
On Thu, Jun 17, 2010, Rolf Ackermann wrote:
Hi Steve
Thanks for your fast answer.
Sorry, some clarification:
If I'm using the "openssl s_client -host [mail-server] -port 443" command
it
works very good
On Thu, Jun 17, 2010, Aravind GJ wrote:
> Hello,
>
> I am trying to load a certificate and private key. (both are .der file). The
> private key is unencrypted. The certificate file is loaded using
>
> SSL_CTX_use_certificate_file(ctx, "cert.der", SSL_FILETYPE_ASN1) which is
> sucessful.
>
> The
On Thu, Jun 17, 2010, Rolf Ackermann wrote:
> Hi Steve
>
> Thanks for your fast answer.
>
> Sorry, some clarification:
>
> If I'm using the "openssl s_client -host [mail-server] -port 443" command
> it
> works very good. But the problem is that I've written a software using the
> openssl library
Hi Steve
Thanks for your fast answer.
Sorry, some clarification:
If I'm using the "openssl s_client -host [mail-server] -port 443" command it
works very good. But the problem is that I've written a software using the
openssl library (libssl.so) with which I want to connect to a mail server
usin
Hello,
I am trying to load a certificate and private key. (both are .der file). The
private key is unencrypted. The certificate file is loaded using
SSL_CTX_use_certificate_file(ctx, "cert.der", SSL_FILETYPE_ASN1) which is
sucessful.
Then I try to load private key file using
SSL_CTX_use_Private
Hi,
I am working with a PIV card and integrating it into openssl using the
opensc engine.
For example I can encrypt some data with:
OPENSSL_CONF=piv.conf ./openssl smime -encrypt -outform smime -out
/tmp/test.encrypt /tmp/encrypt.pem
and then decrypt it with:
OPENSSL_CONF=piv.conf ./openssl smim
On Thu, Jun 17, 2010, Rolf Ackermann wrote:
> Hi list
>
> I have the following problem:
>
> I've written a software using wxWidgets (http://www.wxwidgets.org). This
> framework allows
> me to write OS independent software and has also C++ classes for using TCP
> communication.
> Based on source
Hi list
I have the following problem:
I've written a software using wxWidgets (http://www.wxwidgets.org). This
framework allows
me to write OS independent software and has also C++ classes for using TCP
communication.
Based on source code from the internet I'm using BIO_read/BIO_write function
29 matches
Mail list logo
