RE: OpenSSL & "Security Update for Windows Server 2008 R2 x 64 Edition (KB2585542)"

2012-03-01 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm > Sent: Wednesday, 29 February, 2012 15:51 > I do not know why MS KB2643584 does not mention changing TLS 1.1 > and/or TLS 1.2 behavior, maybe someone familiar with the attack > described in CVE2011-3389 knows a reason. > Well, at le

SSL3_GET_SERVER_HELLO:wrong cipher returned

2012-03-01 Thread ndipiazza
We have experienced what appears to be a thread-safety issue with ssl3_get_server_hello(). It works for the most part but then after traffic starts to increase on the server utilizing OpenSSL... we get the error: [Wed Feb 29 12:00:01 2012] [info] SSL Library Error: 336142597 error:14092105:SSL r

openssl smime CLI using password for encryption

2012-03-01 Thread Erwin Himawan
Hi All, Does openssl smime CLI support encryption using password, instead of using recipient certificate? Thanks, Erwin

Re: Problem with chaining certs and CRLS

2012-03-01 Thread mario piccinelli
Never mind, I found an extremely ugly solution: 1) I split the signature extracted (signers.tmp) in single signature files (signer1.tmp and signer2.tmp) by python script 2) I test them both with the following command, using as CAfile the complete one: openssl verify -verbose -CRLfile "chain.tm

Re: Problem with chaining certs and CRLS

2012-03-01 Thread mario piccinelli
Thanks for the answer.. in fact nothing, but I found nothing about that in the documentation, and I made an experiment which seemed to prove that: I verified an end certificate using as CAfile a chain made of root cert, user cert and user CRL... and it worked correctly, before and after the revo

Re: Problem with chaining certs and CRLS

2012-03-01 Thread Jakob Bohm
On 3/1/2012 12:41 PM, mario piccinelli wrote: Hi everyone I'm stuck with a situation about openssl and I really don't know how to get out.. What I'm trying to do is build a three level chain to sign files: - a root cert - a user cert - and end cert At the user level a revocation list can be

Problem with chaining certs and CRLS

2012-03-01 Thread mario piccinelli
Hi everyone I'm stuck with a situation about openssl and I really don't know how to get out.. What I'm trying to do is build a three level chain to sign files: - a root cert - a user cert - and end cert At the user level a revocation list can be produced to revoke the user's end certs. I cre

Re: OpenSSL & "Security Update for Windows Server 2008 R2 x 64 Edition (KB2585542)"

2012-03-01 Thread Dr. Stephen Henson
On Thu, Mar 01, 2012, Jakob Bohm wrote: > On 2/29/2012 11:43 PM, Dr. Stephen Henson wrote: > >On Wed, Feb 29, 2012, Tammany, Curtis wrote: > > > >>I had brought this issue up earlier ("Windows 7/IE8 CAC enabled sites"). > >>With SSL 3.0 only checked on IE8 (in windows 7), I could make a connection

Re: OpenSSL & "Security Update for Windows Server 2008 R2 x 64 Edition (KB2585542)"

2012-03-01 Thread Jakob Bohm
On 2/29/2012 11:43 PM, Dr. Stephen Henson wrote: On Wed, Feb 29, 2012, Tammany, Curtis wrote: I had brought this issue up earlier ("Windows 7/IE8 CAC enabled sites"). With SSL 3.0 only checked on IE8 (in windows 7), I could make a connection to my site that had OpenSSL 1.0.0g. With both SSL 3.0

Re: CAC card, SMIME signing, Verification failure "header too long"

2012-03-01 Thread David H. Lipman
From: "cam" I'm having a problem generating a signed SMIME message. I have to interface with a CAC card reader that implements a subset of the pkcs11 standard. I pass the message to the card API and it returns a signed digest and now I need to pass this signed digest to openSSL to create the

OpenSSL0.9.8e-12.el5_4.6 Getting SSL3_GET_SERVER_HELLO:wrong cipher returned during SSL handshake

2012-03-01 Thread ndipiazza
We have experienced what appears to be a thread-safety issue with ssl3_get_server_hello(). It works for the most part but then after traffic starts to increase on the server utilizing OpenSSL... we get the error: [Wed Feb 29 12:00:01 2012] [info] SSL Library Error: 336142597 error:14092105:SSL ro