Because the attributes mentioned are only meaningful if covered by the
digital signature on the certificate, it cannot change in any format
conversion
that keeps the certificate valid.
The true format of certificates is binary BER encoded X.509.
A .cer file is simply that structure directly.
A
On Thu, Sep 29, 2011, Akanksha Shukla wrote:
> Hi All,
>
> I tried following things:
>
>
>
> 1) Made socket() system call with AF_INET6 family type.
>
> 2) Made connect() system call to get connected to destination address
> using the socket created above.
>
> 3) Then made ca
Hi,
thanks, i removed the line in the source code and now it's working
with IE9/openssl client.
Opera has some issues when only TLS 1.2 is selected but i think this
is an Opera issue.
Michael
2011/9/29 Dr. Stephen Henson :
> On Thu, Sep 29, 2011, Michael Haas wrote:
>
>> Hello,
>>
>> i tried to
Thanks Jakob.
Is this key usage only available in P7b format, when i tried this on CER and
P12 format then its not working on them, Crypt API is not able to read
extended information about Key Usage. Is the process format specific? I am
trying to use CertFindExtension API for this.
// Harshvir
On T
You forgot to also check the Key Usage attribute
IF (CA: TRUE OR Key Usage: Certificate Sign)
If Self Signed
ROOT
Else
Intermediary
Else
If Self Signed
Toy certificate
Else
End use (server / person / company / etc.)
On 9/29/2011 3:39 PM, Harshvir Sidhu wrote:
Hey,
Hi All,
Can anyone please help me out here in resolving my queries ?
Any help would be great.
Thanks
Akanksha Shukla.
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Akanksha Shukla
Sent: Tuesday, September 27, 2011 6:50 PM
To: openssl-us
I haven't tried your build process, but is the following still in
ssl_lib.c::SSL_CTX_new()
/* Disable TLS v1.2 by default for now */
ret->options |= SSL_OP_NO_TLSv1_2;
Paul
_
Pau
Hey,
I tried using this method following is the flow.
IF CA: TRUE
If Self Signed
ROOT
else
Intermediate
else
Personal
When i try parsing the PKCS7 (.p7b) files, then for Intermediate CA
Certifites I get that its a personal Certificate?
Is there something different
On 9/29/2011 12:24 AM, Lucas Martins wrote:
Hello,
I was looking libcrypto code, and found that DSA_sign and ECDSA_sign
ignore hash algorithm while RSA_sign do not.
Are there any reason for this?
Before passing a short (typically 128 to 512 bits) hash to the "raw"
schoolbook RSA
algorithm
Hi Dave,
Thanks a lot for your suggestion. I have finally manage to enable most of
the ciphers.
The problem was with the install path. When we don't mention "--prefix",
OpenSSL is installed in some other path. And does not update the already
installed binaries. Thus I was actually using the older
On Thu, Sep 29, 2011, Michael Haas wrote:
> Hello,
>
> i tried to enable TLS1.1 + TLS1.2 on Apache 2.2.21 with
> openssl-1.0.1-stable-SNAP-20110927 but didn't succeed.
> TLS 1.1 is working as excpected but TLS 1.2 not. I don't get a
> connection with TLS1.2, tried IE9 and Opera.
> Should TLS 1.2
Hello,
i tried to enable TLS1.1 + TLS1.2 on Apache 2.2.21 with
openssl-1.0.1-stable-SNAP-20110927 but didn't succeed.
TLS 1.1 is working as excpected but TLS 1.2 not. I don't get a
connection with TLS1.2, tried IE9 and Opera.
Should TLS 1.2 work already with openssl 1.0.1 or is only the
implimenta
12 matches
Mail list logo
