Re: How to implement DH algorithm using openSSL library?

2012-12-20 Thread Prashant Batra
I have this function which I use to generate public-private key pair. - prime : depends on the dh group, you can find these values in DH rfc - http://www.ietf.org/rfc/rfc3526.txt int32_t DHInterface::GeneratePublicPrivateKeyPair(uint8_t * pub_key, uint32_t * pub_key_length) { char *errbuf; d

RE: how to load a certs chain from memory, thanks

2012-12-20 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of miles.zh...@aliyun-inc.com >Sent: Thursday, 20 December, 2012 22:10 >I want to load a certs chain from memory ( ie. From a std::string variable >with the certs chain's content loading from the mysql db ). >The content of certs chain is like a C

How to implement DH algorithm using openSSL library?

2012-12-20 Thread Hemayamini Kurra
Hello!! I am trying to implement Diffie-Hellman Key exchange protocol between Client and server. I am using openSSL dh.h library for that. The problem is how to send the publickey generated by DH_generate_key() function to client/server. My idea is to get the shared secret which I can use for fur

how to load a certs chain from memory, thanks

2012-12-20 Thread miles.zhaof
Hi all, I want to load a certs chain from memory ( ie. From a std::string variable with the certs chain’s content loading from the mysql db ). The content of certs chain is like a CAfile. Because loading from memory, can not call the “SSL_CTX_load_verify_locations” api. So I call “SSL_C

Re: Displaying cert content

2012-12-20 Thread Robert Moskowitz
On 12/20/2012 08:49 PM, Patrick Patterson wrote: Hi Robert: On 2012-12-20, at 8:05 PM, Robert Moskowitz wrote: OK. I am swamped. What is the command to display the cert content? openssl x509 -in cert.pem -text -noout. Great just what I was looking for.

Re: Displaying cert content

2012-12-20 Thread Patrick Patterson
Hi Robert: On 2012-12-20, at 8:05 PM, Robert Moskowitz wrote: > OK. I am swamped. What is the command to display the cert content? > openssl x509 -in cert.pem -text -noout. Have fun. --- Patrick Patterson Chief PKI Architect Carillon Information Security Inc. http://www.carillon.ca

Displaying cert content

2012-12-20 Thread Robert Moskowitz
OK. I am swamped. What is the command to display the cert content? I see openssl asn1parse -in file.cert but although I can read ASN1 cruft, I would like a nicer output. thanks

Re: Understanding -x509 option

2012-12-20 Thread Robert Moskowitz
On 12/20/2012 06:52 PM, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz Sent: Thursday, 20 December, 2012 08:24 Left out response to -nodes option... On 12/20/2012 03:44 AM, Dave Thompson wrote: openssl req -new -nodes -keyout foo-key.pem -out foo-req.

RE: Understanding -x509 option

2012-12-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz > Sent: Thursday, 20 December, 2012 08:24 > Left out response to -nodes option... > > On 12/20/2012 03:44 AM, Dave Thompson wrote: > >> openssl req -new -nodes -keyout foo-key.pem -out > foo-req.pem -days 365 > > That comman

Re: FIPS enable Apache 2.4.3 with OpenSSL 1.0.1c-fips

2012-12-20 Thread Jerry Blasdel
I modified the example slightly to fit our configuration. The fips build may have worked. I get the following: making install in fips/utl... for i in fipsld fips_standalone_sha1 ; \ do \ echo "installing $i"; \ cp $i /usr/local/ssl/fips-2.0/bin/$i.new; \

Re: Feedback Please: New OpenSSL PKI Tutorial

2012-12-20 Thread Walter H.
Hallo, https://pki-tutorial.readthedocs.org/en/latest/cadb.html -> Serial number files ... what is the CRL number file? where can I configure this? Thanks, Walter On Mon, December 17, 2012 15:23, Stefan H. Holek wrote: > Hi All! > > I have been working on an OpenSSL PKI tutorial, and the time

Re: Understanding -x509 option

2012-12-20 Thread Robert Moskowitz
Left out response to -nodes option... On 12/20/2012 03:44 AM, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz Sent: Wednesday, 19 December, 2012 22:24 ... I am trying better to understand ... creating a mailserver (postfix) cert. I am looking at a couple

Re: Understanding -x509 option

2012-12-20 Thread Robert Moskowitz
On 12/20/2012 03:44 AM, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz Sent: Wednesday, 19 December, 2012 22:24 ... I am trying better to understand ... creating a mailserver (postfix) cert. I am looking at a couple templates. The one at postfix.org cre

Parameter -caname causes strange behave in Thunderbird ...

2012-12-20 Thread Walter H.
Hello, the following script generates a PKCS#12 container with private key plus certificate chain; NAME="em...@domain.tld" CANAME="CA name" PASSPHRASE="passphrase" openssl pkcs12 -export -name "$NAME" -caname "$CANAME" -caname "$CANAME" -inkey ./cert.key -passin pass:${PASSPHRASE} -in ./cert.

RE: Understanding -x509 option

2012-12-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz > Sent: Wednesday, 19 December, 2012 22:24 > ... I am trying better to understand ... > creating a mailserver (postfix) cert. > > I am looking at a couple templates. The one at postfix.org creates an > 'unsigned public key cert