Replace renewed intermediate certificate in the keystore chain

2011-05-10 Thread Mohan Radhakrishnan
Hi, I have checked my keystore and truststore and the intermediate certificate alone is going to expire. I have received a renewed intermediate pem. I believe it is common practice to just replace an expiring intermediate certificate instead of the root. The root will expire in 2025. I have re

Can openssl support EAP-TLS?

2011-05-10 Thread Neo Liu
Hi, everyone: I wanna know if openssl supports the EAP-TLS protocol?

Re: Clients glomming onto a listener

2011-05-10 Thread Wim Lewis
On 10 May 2011, at 4:13 PM, David Schwartz wrote: > On 5/10/2011 2:10 AM, John Hollingum wrote: >> Pretty much immediately after the accept the program forks a handler, >> but the rogue clients must be glomming onto the main process before the >> SSL negotiation is complete. > > Calling 'fork' wi

Re: Clients glomming onto a listener

2011-05-10 Thread David Schwartz
On 5/10/2011 2:10 AM, John Hollingum wrote: I have a service written in Perl, running on Linux that presents a very simple SSL listener. When this service is hit, it identifies the connecting node from its certificate/peer address and just sends some xml to them containing data from some files i

Re: minor version compatibility

2011-05-10 Thread Dr. Stephen Henson
On Tue, May 10, 2011, Ken Dreyer wrote: > I'm pretty sure this is "yes", but I don't see it documented anywhere. > > Are the various minor versions of OpenSSL binary compatible? For > example, if I built Apache's mod_ssl against a previous 0.9.8 release, > and I update my system to 0.9.8r, will e

Re: no shared cipher:s3_srvr.c

2011-05-10 Thread Mike Markley
I'm using a self signed certificate that is generated by my App. The generation code is used for a client connection and that code is working. Should I be able to use a self signed certificate? I'm getting a crash course in SSL at the moment so I'm still figuring a lot of this stuff out. On Tue, M

Re: no shared cipher:s3_srvr.c

2011-05-10 Thread Dr. Stephen Henson
On Tue, May 10, 2011, Mike Markley wrote: > So the problem could be that my cert chain is not correct and I'm > chasing down the wrong path by looking at the ciphers? > Not the chain, just you need at least one server certificate and most usually an RSA one. Also check the PRNG is seeded correct

Re: no shared cipher:s3_srvr.c

2011-05-10 Thread Mike Markley
So the problem could be that my cert chain is not correct and I'm chasing down the wrong path by looking at the ciphers? On Tue, May 10, 2011 at 3:08 PM, Dr. Stephen Henson wrote: > On Tue, May 10, 2011, Mike Markley wrote: > >> I'm working on an OpenSSL based server that is running into a proble

Re: minor version compatibility

2011-05-10 Thread Kenneth Goldman
My experience is more "probably" than "yes". I recall cases where it did not. It's also hard to test, because it might fail some corner case that you don't use often. owner-openssl-us...@openssl.org wrote on 05/10/2011 05:12:33 PM: > From: Ken Dreyer > To: openssl-users@openssl.org > Date: 05/

Re: no shared cipher:s3_srvr.c

2011-05-10 Thread Dr. Stephen Henson
On Tue, May 10, 2011, Mike Markley wrote: > I'm working on an OpenSSL based server that is running into a problem > with the above error when the remote client tries to connect. I've > built a debug version of OpenSSL for iPhone and I'm dumping all the > ciphers in ssl3_choose_cipher. What I don't

no shared cipher:s3_srvr.c

2011-05-10 Thread Mike Markley
I'm working on an OpenSSL based server that is running into a problem with the above error when the remote client tries to connect. I've built a debug version of OpenSSL for iPhone and I'm dumping all the ciphers in ssl3_choose_cipher. What I don't understand is, at least at the name level all the

RE: Can't enter server.key passphrase

2011-05-10 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of DexterDave > Sent: Tuesday, 10 May, 2011 11:28 > ... when I type: genrsa -des3 -out server.key 1024 > it asks me: "Enter pass phrase for server.key: ". When I want > to type my password, nothing happens. It won't take any input. > Are you sure

[FWD] RE: [Bug Reports] Encrypt a file text on unix (Aix 5.3, Aix 6.0,SUN5.8,....) to decrypt on Windows Error

2011-05-10 Thread Lutz Jaenicke
- Forwarded message from DUBUC Franck - From: DUBUC Franck To: "r...@openssl.org" Date: Tue, 10 May 2011 11:54:59 +0200 Subject: RE: [Bug Reports] Encrypt a file text on unix (Aix 5.3, Aix 6.0,SUN5.8,) to decrypt on Windows Error Thread-Topic: [Bug Reports] Encrypt a file text on u

minor version compatibility

2011-05-10 Thread Ken Dreyer
I'm pretty sure this is "yes", but I don't see it documented anywhere. Are the various minor versions of OpenSSL binary compatible? For example, if I built Apache's mod_ssl against a previous 0.9.8 release, and I update my system to 0.9.8r, will everything work? - Ken

Clients glomming onto a listener

2011-05-10 Thread John Hollingum
Hi, I have a service written in Perl, running on Linux that presents a very simple SSL listener. When this service is hit, it identifies the connecting node from its certificate/peer address and just sends some xml to them containing data from some files in the queue directory that contain

Re: R: gmail smtp server authentication??

2011-05-10 Thread DexterDave
Hi DexterDave, those are the authentication methods enabled in the server side. You have to choose one of them. For example if you choose the 'LOGIN' method simply enter AUTH LOGIN and the server will reply with base64 data: VXNlcm5hbWU6 asking your username. So enter your username base64-e

RE: openssl error: 0.9.8e ca config

2011-05-10 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Pushkar Pathak > Sent: Tuesday, 10 May, 2011 13:57 > I am using openssl on win xp 32. When I try to sign a request, > openssl throws an error to the effect > c:\>openssl ca -config openssl.cfg -policy policy_anything >

RE: [FWD] [Bug Reports] Encrypt a file text on unix (Aix 5.3, Aix 6.0,SUN5.8,....) to decrypt on Windows Error

2011-05-10 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Lutz Jaenicke > Sent: Tuesday, 10 May, 2011 13:47 > - Forwarded message from DUBUC Franck - > To: "r...@openssl.org" > Date: Mon, 9 May 2011 17:12:45 +0200 > I create an encrypted file, with openssl, on unix server to > encrypted it on

Can't enter server.key passphrase

2011-05-10 Thread DexterDave
Hi I am trying to set up an ssl key and certificate for my apache web server using Openssl, but when I type: genrsa -des3 -out server.key 1024 it asks me: "Enter pass phrase for server.key: ". When I want to type my password, nothing happens. It won't take any input. Please help -- View this me

openssl error

2011-05-10 Thread Pushkar Pathak
Hi, I am using openssl on win xp 32. When I try to sign a request, openssl throws an error to the effect c:\>openssl ca -config openssl.cfg -policy policy_anything -out "test.crt" -key p -batch -infiles test.csr Using configuration from openssl.cfg 0 entries loaded from the database generating

Transmission window full

2011-05-10 Thread Moisés Barba Pérez
Hi: I have a machine integrated with LDAP, centos5.5 with openssl-0.9.8e-12.el5_4.6. When I try to "getent group", "sudo something" or "id" I very often get an error, something like the connection has been broken. Wireshark says that the transmission window is full and the client closes con

Re: Multiple connection from 1 client

2011-05-10 Thread Harshvir Sidhu
Hi Gayathri, My Server and Client application are Windows based. Also the application is huge, so it's not possible to rewrite at this time. Maybe later we can do that, but as for now, we are looking into an alternate method for this. If we decide to revisit this issue then I will look into this.

Re: Multiple connection from 1 client

2011-05-10 Thread Gayathri Sundar
Hi Eric, First of all I am a she :) and I took a maternity break off from work..which is why I am jobless..but busy feeding and diapering my little one :)..sure I can take up your offer, please email me at suraj...@gmail.com. Harsh, The thing is as Eric says, you really have to rewrite ur serv

Re: Multiple connection from 1 client

2011-05-10 Thread David Schwartz
On 5/9/2011 1:45 PM, Eric S. Eberhard wrote: > int setblock(fd, mode) > int fd; > int mode; /* True - blocking, False - non blocking */ > { > int flags; > int prevmode; > > flags = fcntl(fd, F_GETFL, 0); > prevmode = !(flags & O_NDELAY); > if (mode) > flags &= ~O_NDELAY; /* turn blocking on */ >

R: gmail smtp server authentication??

2011-05-10 Thread Federico Berton
Hi DexterDave, those are the authentication methods enabled in the server side. You have to choose one of them. For example if you choose the 'LOGIN' method simply enter AUTH LOGIN and the server will reply with base64 data: VXNlcm5hbWU6 asking your username. So enter your username base64-enc

[FWD] [Bug Reports] Encrypt a file text on unix (Aix 5.3, Aix 6.0,SUN5.8,....) to decrypt on Windows Error

2011-05-10 Thread Lutz Jaenicke
Forwarded to openssl users for discussion. Best regards, Lutz - Forwarded message from DUBUC Franck - From: DUBUC Franck To: "r...@openssl.org" Date: Mon, 9 May 2011 17:12:45 +0200 Subject: [Bug Reports] Encrypt a file text on unix (Aix 5.3, Aix 6.0,SUN5.8,) to dec

gmail smtp server authentication??

2011-05-10 Thread DexterDave
Hi, I have a huge problem. Been working on it for days now. I type either: s_client -crlf -connect smtp.gmail.com:465 or s_client -starttls smtp -crlf -connect smtp.gmail.com:25 into my openssl editor and it connects me with smtp.gmail.com. But then under the ehlo command gmail's authentication type