On Tue, Dec 11, 2012 at 3:27 PM, redpath wrote:
> When using this command
>
> openssl genrsa -out test.pem 2048
>
> an RSA pair is created. Its not so much I want to know how a pair is
> randomly selected
> but how secure is that random selection. Random number generators are a
> series
> and thi
Hi All,
I had one question regarding usage of openssl-fips-2.0.2. I want to use
openssl-fips-2.0.2 to get NIST compliance for some crypto
functionality*.* I don't want to go for FIPS 140-2
certification/validation. I want to use
only a part of openssl-fips-2.0.2 module. Can I use some parts of
o
On 11 Dec 2012, at 3:27 PM, redpath wrote:
> an RSA pair is created. Its not so much I want to know how a pair is randomly
> selected but how secure is that random selection. Random number generators
> are a series and this selection could be followed for brute force deciphering.
I think the r
On Tue, Dec 11, 2012 at 6:10 PM, Dave Thompson wrote:
> >From: owner-openssl-us...@openssl.org On Behalf Of Michael Mueller
> >Sent: Tuesday, 11 December, 2012 15:45
>
> >Could I get a nudge. I'd like to get the SANs to show up in my certs.
>
> >in my request:
>
> >what I get in the resulting cer
When using this command
openssl genrsa -out test.pem 2048
an RSA pair is created. Its not so much I want to know how a pair is
randomly selected
but how secure is that random selection. Random number generators are a
series
and this selection could be followed for brute force deciphering.
-
>From: owner-openssl-us...@openssl.org On Behalf Of Michael Mueller
>Sent: Tuesday, 11 December, 2012 15:45
>Could I get a nudge. I'd like to get the SANs to show up in my certs.
>in my request:
>what I get in the resulting certificate:
It depends on the CA, i.e. the person or organization wh
Can I determine which of the built-in ECC curves are being used, just by
looking at the SSL structure? Tnx.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
Could I get a nudge. I'd like to get the SANs to show up in my certs.
in my request:
Requested Extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Subject A
I am trying to browse to https://servername:portnumber and
https://servername.domain.com:portnumber using the same certificate.
How do I configure my openssl.cfg to allow for this? This is the way I
configured it
[ req ]
req_extensions = v3_req # The extensions to add to a certificate requ
On Tue, Dec 11, 2012 at 5:51 AM, Jakob Bohm wrote:
> On 12/10/2012 9:38 PM, Markus Wernig wrote:
>
> Some experts believe that setting the IV to
> Encrypt(key=key,IV=0,data=filenumber) is safe, others disagree, but the
> mathematical arguments on both sides of the debate seems to make a lot
> of d
On 12/09/2012 04:33 AM, Jeffrey Walton wrote:
> Hi All,
>
> On page 133 of the User Guide 2.0 for the OpenSSL FIPS Object Module
> v2.0, the document (book?) talks about symbol renaming. The discussion
> occurs in "Appendix I, API Entry Points by Source File," and the text
> is below.
>
> Why doe
On Mon, Dec 10, 2012, Walter H. wrote:
> Hello,
>
> I have created a self signed root CA certificate, and two other CA
> certificate, that I signed with this self signed root certificate;
> and these SubCA certificates are used for signing requests;
>
> with the root CA I signed also a certifica
Hello, experts!
A have a task to verify cms message with openssl command line, the operation
is:
*openssl smime -verify -in [fileName] -inform der -noverify -out
[outputFileName]*
(noverify argument is because i have a problem with root cert and now i need
to solve first problem - verify digital
On 12/10/2012 9:38 PM, Markus Wernig wrote:
Hi everyone!
I have a fairly basic question about how to use blowfish-cbc in an
application. Here's the scanario:
An application will receive arbitrary amount of data (potentially
multi-gigabyte) via a tcp/ssl socket, multiple files from multiple
send
On 12/11/2012 02:44 AM, Alex Chen wrote:
I want to set up SSL so it does not use SSL v2 or older, just like that
Apache has in its httpd-ssl.conf
SSLProtocol all -SSLv2
What is the equivalent API to do this?
After reviewing existing documentation and code, I came up with this:
// Configure a
Hello,
I have created a self signed root CA certificate, and two other CA
certificate, that I signed with this self signed root certificate;
and these SubCA certificates are used for signing requests;
with the root CA I signed also a certificate, with the purpose of
signing OCSP Responder; us
16 matches
Mail list logo
