In order to achieve compliance, you must follow the instructions in the
Security Policy to the letter.
This means that you must:
- download and read the security policy
- download the openssl-fips-1.2.0.tar.gz
- verify its integrity according to the security policy
- follow the precise instructi
Yes created a CSR file using openssl. If I recall I did create a key as well.
However, when I received the CER file I thought all I would have to do is
import it to IE. So all I need to do is use the command below to get this to
import correctly?
Sent from my Windows Phone
-Original Me
On 3/7/2011 4:19 PM, Yan, Bob wrote:
Thank you very much, David,
In general, if the application use "select/poll" system function to
> check the readable of underline BIO and invoke the SSL_read/SSL_write
> only if there are data available on the socket, can the deadlock still
> happened?
No
On Tue, Feb 8, 2011 at 8:42 PM, Jan Steffens wrote:
> Hello,
>
> I help maintain the Arch Linux multilib repository and was wondering how
> OpenSSL should be built on a x86_64 multilib system. My approach so far has
> been this:
>
> export CC="gcc -m32"
> export CXX="g++ -m32"
> export PKG_CONF
Thank you very much, David,
In general, if the application use "select/poll" system function to check the
readable of underline BIO and invoke the SSL_read/SSL_write only if there are
data available on the socket, can the deadlock still happened?
Specially, in your last statement "At step 3 abo
2011/3/7 Dave Thompson
> > From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
> > Sent: Monday, 07 March, 2011 10:00
>
> > I have a function my_initialize( ) which initialize a lot
> > of thing before doing my_connect( ), my_accept( ), etc.
>
> > In my_initialize( )
On 3/7/2011 2:45 PM, Yan, Bob wrote:
My question is that if my Reader thread gets a SSL_ERROR_WANT_WRITE
error from SSL_read function call, can my Writer thread do the SSL_write
operation right after the Reader’s SSL_read operation?
Yes.
> Or, if my Writer
thread gets a SSL_ERROR_WANT_READ e
I have two questions regarding to SSL/TLS Renegotiation:
1) Can SSL/TLS Renegotiation happen automatically during the normal SSL_read
and SSL_write operation on a SSL connection? Basically if the application
doesn't invoke the SSL_renegotiate function, can SSL/TLS Renegotiation still
happen aut
Thread are two threads in my application and one thread is called Reader and
another one is Writer. The Reader thread calls the SSL_read function to receive
the incoming data from the SSL socket connection; and the Writer thread invokes
the SSL_write function to send out the data to the same SSL
I am new to openSSL and wanted to port openSSL to an RTOS platform that does
not have the configure system.
The RTOS has its own file and network libraries .
The current use that I have for openSSL is to use it via libcurl . I only
need support to do SSL .
Which source files ( modules) do I c
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
> Sent: Monday, 07 March, 2011 10:00
> I have a function my_initialize( ) which initialize a lot
> of thing before doing my_connect( ), my_accept( ), etc.
> In my_initialize( ), I call :
> - SSL_lib
> From: owner-openssl-us...@openssl.org On Behalf Of Jaquez Jr, Hector
L.
> Sent: Monday, 07 March, 2011 14:37
> I created a .csr file and had my access control team create me
> a certificate since my original had expired. I was under the assumption
> I could just import the c
Hi,
I've got an interrogation on .so file !
I'm compiling the 0.9.8r file of openssl using the config command with
those "threads shared zlib-dynamic" options ... All is going fine
My question is :
Why i'm not finding the version in the openssl/lib/libcrypto.so.0.9.8
when i'm using the
I created a .csr file and had my access control team create me a certificate
since my original had expired. I was under the assumption I could just import
the cert in IE from the IE options and it would work. It is not working and I
am still showing that my certificate is expired. I wanted to
On Mon, Mar 07, 2011, raghib nasri wrote:
> Do you mean to say I should modify fipsld to use gcc for compiling
> fips_premain.c. Or is there any way to still use g++ for my application with
> minimal change in fipsld. Please suggest.
>
Well two options, one is to change it to use gcc just for
Hi,
for 2) it is OK
for 1) I do not understand ...
-- I 'd like to retrieve x509 certificate and store it into a X509 object. I
do not want to converts ANSO DER strings to X509 objects for the moment.
I want something like this :
x509* cert;
cert =
SSL_get_certificate(/
Do you mean to say I should modify fipsld to use gcc for compiling
fips_premain.c. Or is there any way to still use g++ for my application with
minimal change in fipsld. Please suggest.
On Mon, Mar 7, 2011 at 9:15 PM, Dr. Stephen Henson wrote:
> On Mon, Mar 07, 2011, raghib nasri wrote:
>
> > H
On Mon, Mar 07, 2011, raghib nasri wrote:
> Hi,
>I am using FIPS Object Module and encountered an error while
> compiling my application using g++.
>?fips_premain.c:71: error: initializer-string for array of chars is
> too long?
>I cannot change fips_premain.c since its pa
Hello,
I have a function my_initialize( ) which initialize a lot of thing before
doing my_connect( ), my_accept( ), etc.
In my_initialize( ), I call :
- SSL_library_init();
- SSL_load_error_strings();
In my_connect( ), I set handshake:
- meth = TLSv1_method( );
- ctx = SSL_CTX_new(meth);
- SSL_CT
19 matches
Mail list logo
