Re: Is it possible to configure only TLSv1.2 ciphers for FIPS?

On 4/25/2013 1:40 PM, Cipher wrote: Hi, For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a configuration option to use *only* TLSv1.2 ciphers? we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does not support TLSv1.1/TLSv1.2 option. Which version o

Re: Is it possible to configure only TLSv1.2 ciphers for FIPS?

On Thu, Apr 25, 2013 at 04:40:12AM -0700, Cipher wrote: > For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a > configuration option to use *only* TLSv1.2 ciphers? You say ciphers here. > we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does > not su

RE: Data and Signature (envelope)

> From: owner-openssl-us...@openssl.org On Behalf Of redpath > Sent: Thursday, 25 April, 2013 09:40 > To: openssl-users@openssl.org > Subject: Re: Data and Signature (envelope) > > I looked at the latest smsign.c shown below modified with a > large data item. > The result is still a detached and

FIPS with openssl 1.0.1c strange error

I cross compiled openssl 1.0.1c with FIPS with following commands: For FIPS module: ./config make for openssl ./config fips no-asm shared --with-fipsdir=/software/openssl/openssl-fips-2.0.2/ export FIPS_SIG=/software/openssl/openssl-fips-2.0.2/util/incore changed fipsld line 132 to "${FIPS_SIG}" -

Re: X509 custom extension

Thanks and also the OID register. -- View this message in context: http://openssl.6102.n7.nabble.com/X509-custom-extension-tp44930p44933.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project

Re: [openssl-users] X509 custom extension

Bonjour, Le 26/04/2013 15:15, redpath a écrit : I am adding a custom extension to an x509 a png icon basically (bytes). Since the png icon is too large to post the data I have subsituted it with a file called sample.txt that has a text line "This is a sample". The code excerpt to add the extensi

X509 custom extension

I am adding a custom extension to an x509 a png icon basically (bytes). Since the png icon is too large to post the data I have subsituted it with a file called sample.txt that has a text line "This is a sample". The code excerpt to add the extension is below. getdata("sample.txt",&len

RE: Why Openssl "s_server" is allowing Session Reuse on the same tcp connection

Thanks Patrick. But what "Use Case" does this have, where client tells the server to resume the ssl session on the same tcp connection. Usually a different tcp connection makes sense to reuse the session id. -- View this message in context: http://openssl.6102.n7.nabble.com/Why-Openssl-s-