Unable to retrieve the certificates from

2013-04-11 Thread Sukumar Bhukta
Hi, We have a master client (developed using TIBCO\BW) which calls an HTTP web service and gets a URI and port back dynamically. We need that output (the URI and port) as input to call another web service. The issue occurs because we don’t have the full certificate. Since we get the w

TLS client aborts ECDH key exchange due to EC_R_UNKNOWN_GROUP when OpenSSL is built with no-ec2m option

2013-04-11 Thread Dmitriy Khodos
It appears that the current version of OpenSSL (1.0.1e) disregards the "no-ec2m" build option (OPENSSL_NO_EC2M) when populating the contents of the Supported Elliptic Curves Client Hello extension. In other words, the TLS client code always generates the same 25-element elliptic curve list, reg

RE: change in x509 -CA in 1.0.1?: doesn't encode new Issuer

2013-04-11 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Salz, Rich >Sent: Tuesday, 09 April, 2013 12:55 -dev added, I think this is a bug >This pair of commands used to work as expected, but in 1.0.0 and >later the resulting cert is self-signed, and not signed by the CA key. ITYM 1.0.1 as per subje

Re: Problem loading der encoded RSA public key inlined with objcopy.

2013-04-11 Thread Jakob Bohm
On 4/11/2013 8:31 PM, Dave Thompson wrote: From: Lee Hambley Sent: Thursday, 11 April, 2013 02:33 ... extern unsigned char _binarycertificates_der_start; extern unsigned char _binarycertificates_der_size; I see below this is apparently a very weird object-file trick. int main(int arg

RE: Problem loading der encoded RSA public key inlined with objcopy.

2013-04-11 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Lee Hambley >Sent: Thursday, 11 April, 2013 02:33 >I've been battling the following code for a couple of hours >armed with my Network Security With OpenSSL book to little avail. >#include >#include >#include >extern unsigned char _binary

Why does openssl disable SO_KEEPALIVE for wrapped sockets?

2013-04-11 Thread Mike Kazantsev
Hello, Looking into what disables the SO_KEEPALIVE option on neon (webdav lib) sockets, where I added code to enable it after socket creation (done in a single place), I've found that openssl's "apps/s_socket.c" has code to explicitly disable keepalives for stream sockets. Current code ("init_client_ip

Re: SSL_CTX_add_extra_chain_cert does not work, but X509_STORE_add_cert works

2013-04-11 Thread Felipe Blauth
2013/4/11 Dave Thompson > >From: owner-openssl-us...@openssl.org On Behalf Of Felipe Blauth > >Sent: Wednesday, 10 April, 2013 17:35 > > >[In a server] I can't use SSL_CTX_load_verify_locations anymore, > >because now I load stuff from a database. So I was happy > >adding the certificates I need

Problem loading der encoded RSA public key inlined with objcopy.

2013-04-11 Thread Lee Hambley
Hi List, I've been battling the following code for a couple of hours armed with my *Network Security With OpenSSL* book to little avail. #include #include #include extern unsigned char _binarycertificates_der_start; extern unsigned char _binarycertificates_der_size; int main(int argc,

Fwd: Problem loading der encoded RSA public key inlined with objcopy.

2013-04-11 Thread Lee Hambley
Typically, having explained myself in a mail, and publicly made an idiot of myself, here's how I verified that I was doing it right: $ openssl enc -base64 -in ../certificates/tpubkey.der MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JKYee6bWxE138t/3vOU snip 2wIDAQAB Taking

Re: Canceling RSA key generation

2013-04-11 Thread Dr. Stephen Henson
On Wed, Apr 10, 2013, Ken Goldman wrote: > (The answer to this seems to be 'no', but the web posts were 5-10 > years old. Perhaps there's a better answer today.) > > I'm using openssl to emulate a TPM. The hardware device has an > abort feature, where the TPM driver can cancel a long command.

RE: SSL_CTX_add_extra_chain_cert does not work, but X509_STORE_add_cert works

2013-04-11 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Felipe Blauth >Sent: Wednesday, 10 April, 2013 17:35 >[In a server] I can't use SSL_CTX_load_verify_locations anymore, >because now I load stuff from a database. So I was happy >adding the certificates I need to form my trusted path through >S