RE: Confusion about subject alternative names - resolved

2010-09-19 Thread Gaiseric Vandal
FYI, enabling the following line in openssl.cnf has resolved the problem. copy_extensions = copy From: Gaiseric Vandal [mailto:gaiseric.van...@gmail.com] Sent: Saturday, September 18, 2010 7:09 PM To: openssl-users@openssl.org Subject: RE: Confusion about subject alternative names

Re: Duplicate serial number

2010-09-19 Thread Chris Kistner
The serial number has to be unique for the issuer (CA). You can have multiple certificates with the same SubjectName, but the SerialNumber field has to be unique unless you're using a different issuer. Chris On Sun, Sep 19, 2010 at 10:53 PM, wrote: > If you generate multiple certs with the sam

Detecting memory leaks with OpenSSL in C

2010-09-19 Thread Chris Kistner
Hallo all, I'm looking for guidelines/best practices on how to detect memory leaks. I've bought the 'Network Security with OpenSSL' book, but it's not helpful in terms of low level OpenSSL programming, where I'm working with custom X.509 v3 extensions and a new network protocol with features base

Re: Duplicate serial number

2010-09-19 Thread aerowolf
If you generate multiple certs with the same serial number, Firefox (and anything built with NSS) will absolutely refuse to have anything to do with those sites. There's no "click 3 times to get access", it's a simple refusal to talk with a non-standards-compliant server. (Of course, this put

RE: Error while trying to get text output from x509 cert file

2010-09-19 Thread Gaiseric Vandal
Does the following work? openssl x509 -in TestCryptPublic.cert -text From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Panikulam Vivek Sent: Saturday, September 18, 2010 10:31 PM To: openssl-users@openssl.org Subject: Error while trying to get text

RE: cannot create p12 file

2010-09-19 Thread Gaiseric Vandal
Thanks. That seems to have been the issue. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mounir IDRASSI Sent: Sunday, September 19, 2010 12:28 AM To: openssl-users@openssl.org Subject: Re: cannot create p12 file Hi, It ha

cannot create p12 file

2010-09-19 Thread Gaiseric Vandal
I am trying to create a .p12 file with pkcs12. I created the private key: #openssl genrsa -out user.key -des3 I also create a certificate signing request (openssl req ..) and a certificate (openssl ca.) I want to store the user key (and optionally the user certificate) in a .p

Re: How to convert RSA public key XML format to PEM or ASCII format

2010-09-19 Thread Mounir IDRASSI
Hi, The code is a generic OpenSSL C source that will compile using the favorite compiler of your platform. Did I understand your question correctly? -- Mounir IDRASSI IDRIX http://www.idrix.fr > Hi > > Thanks for your response. In which platform do I compile/execute the below > CODE? > I only h

Re: How to use CAPI engine in OpenSSL 1.0.0a

2010-09-19 Thread Michal Trojnara
Patrick Patterson wrote: > openssl engine -t -post list_options:35 -post list_certs Thank you very much for mentioning the "standard Binary Package". The following even works without a .cnf file: C:\OpenSSL-Win32\bin>openssl engine -t dynamic -pre SO_PATH:capi -pre ID:capi -pre LOAD -post list_o

seeding PRNG

2010-09-19 Thread krishnamurthy santhanam
Hi, I need to seed PRNG of 128 bytes. In the below program it is seeding 1024 bytes. Is it possible to seed 128 bytes of data using RAND_seed()? Any example should be helpful for me. #include #include #include main() { /*int nb,l; l=RAND_load_file("/dev/random",bytes ); printf("Seeded the