SSL_get_peer_certificate

If Client-server session is reused from a past session then the client will not get a Server Certificate during the handshake. In this case, if I do a SSL_get_peer_certificate(), will it give me the server's certificate from the initial handshake from which this reuse happened?

Re: Proxy for content filtering

Hi No I am not using any kind of proxy application. Actually I want to build a proxy application like squid Thanks, Raj Rajmohan SK - Original Message - From: "Luis Daniel Lucio Quiroz" To: Sent: Friday, July 30, 2010 10:26 AM Subject: Re: Proxy for content filtering Le jeudi

Re: Proxy for content filtering

Le jeudi 29 juillet 2010 23:38:27, vous avez écrit : > Hi All > > > I want to build a proxy server, which acts as man in the middle proxy. The > main intention of application is to do content filtering, whether it is an > http or https request. I want to block some specified URL. Can anybody > te

Proxy for content filtering

Hi All I want to build a proxy server, which acts as man in the middle proxy. The main intention of application is to do content filtering, whether it is an http or https request. I want to block some specified URL. Can anybody tell me what is the best approach of doing this Thanks, Raj R

Modifying SSL Handshake messages

Hi, Can someone tell me if there is any tool to modify the handshake messages between client and server on the fly? For example, changing the list of cipher suites offered by the client, changing the trusted CA names sent by server etc. I understand that such a change would be caught by the "finis

Re: OpenSSL 1.0.0 FIPS module

Without funding, there's zero progress, so it's an ETA of 'never'. RedHat uses a FIPS-validated version of their software-only PKCS11 provider. -Kyle H On 7/29/10 6:35 AM, ja...@nixsecurity.org wrote: > Hello, > > Aside from searching the net, I've learned that the FIPS module for > OpenSSL 1.0

RE: Command line

> From: owner-openssl-us...@openssl.org On Behalf Of Ana Paula > Sent: Thursday, 29 July, 2010 05:57 > I need to create certificate and rsa keys and I’ve downloaded > openssl-0.9.8o and openssl-1.0.0a. > I can´t run 'install.com' because I’ve this error ‘The NTVDM > CP

Re: Command line

On 7/29/10 2:56 AM, Ana Paula wrote: > > Hi > > > > I need to create certificate and rsa keys and I've downloaded > openssl-0.9.8o and openssl-1.0.0a. > > I can´t run 'install.com' because I've this error 'The NTVDM CPU has > encountered an illegal instruction '. > > I don't know how to acess

RE: Command line

Hi By your error I presume you are trying to install openssl on a windows machine right? See this link, it looks like a simple installation method for that case http://www.slproweb.com/products/Win32OpenSSL.html (I never tried it, just found it in a google search) Hope it helps, Luis From: ap

building openssh with openssl-fips: cygwin can't find libcrypto

I am almost done here... I was able to symlink the headers to get past the opensslv header files, but the build process fails because openssl didn't build libcypto. The problem is that when building openssl with fips, it doesn't not appear to build libcrypto, and changing anything in the ./Configu

Re: OpenSSL 1.0.0 FIPS module

I think, perhaps, two different things are being confused here: 1) RedHat's use of the term "OpenSSL Module v1.0" and 2) James' use of the term "OpenSSL 1.0.0." Looking through RedHat's Security Policy and Certificate posted on NIST's site, it certainly looks to me that their "OpenSSL Module v1

Re: Re: OpenSSL 1.0.0 FIPS module

I completely understand and appreciate your quick response :) For the time being, we'll stick with using the latest version of the 0.9.X series of OpenSSL. Thanks again, James > Original Message >From: Steve Marquess >To: openssl-users@openssl.org >Sent: Thu, Jul 29, 2010, 11:29 AM >Su

Re: OpenSSL 1.0.0 FIPS module

ja...@nixsecurity.org wrote: Hello, Aside from searching the net, I've learned that the FIPS module for OpenSSL 1.0.0 requires funding for the project and availability of the next FIPS revision (I think). I'm curious if there's an ETA on the module at all? I've also noticed that Redhat (Fedor

Re: Command line

If you are a begginer and using a Linux SO, I recommend to use TinyCA visual interface (http://tinyca.sm-zone.net/). http://www.frameworkdemoiselle.gov.br/ 2010/7/29 Federico Berton > First of all, you have to CD to the bin directory of OpenSSL. > The command line is quite simple. > In this exa

Re: Command line

If you are using windows then you should just grab the binary distribution: http://www.openssl.org/related/binaries.html On Linux you should use your distribution's package manager to install openssl. On Thu, Jul 29, 2010 at 4:56 AM, Ana Paula wrote:

R: Command line

First of all, you have to CD to the bin directory of OpenSSL. The command line is quite simple. In this example I will create a 2048-bit RSA key encrypted with DES3 and then I'll create a self-signed certificate. First of all, let's create a key: openssl genrsa -des3 -out rsa.key 2048 Then, let'

OpenSSL 1.0.0 FIPS module

Hello,Aside from searching the net, I've learned that the FIPS module for OpenSSL 1.0.0 requires funding for the project and availability of the next FIPS revision (I think). I'm curious if there's an ETA on the module at all? I've also noticed that Redhat (Fedora) is pushing OpenSSL 1.0.0 with FIP

Command line

Hi I need to create certificate and rsa keys and I’ve downloaded openssl-0.9.8o and openssl-1.0.0a. I can´t run 'install.com' because I’ve this error ‘The NTVDM CPU has encountered an illegal instruction ‘. I don’t know how to acess to OpenSSL command line to create certs and keys. Is this

cross compiling questions

Hi I got some questions on cross compiling openssl I am using both openssl-0.9.8o and openssl-1.1.0a What I want to do is to crosscompile openssl for the targets PPC and ARM @openssl-0.9.8.o My crosscompilers are called arm-926ejs-linux-gnueabi for the ARM and powerpc-603e-linux-gnu for the P

Re: generating key using RSA

On 28-07-2010 15:26, Santhanam, Krishna M wrote: Hi, I am Krishnamurthy. I have some query regarding openssl. Is it possi ble to generate 64 bit key using RSA_generate_key() Ha, ha, very funny. (In case you really don't know: 64 bit keys of any kind are not considered secure these days

generating key using RSA

Hi, I am Krishnamurthy. I have some query regarding openssl. Is it possi ble to generate 64 bit key using RSA_generate_key() Thanks for your time, Krishnamurthy _ The information contained in this message is proprietary and/or confidential. If you are not the intended re