Re: Zero length finished messages with resumed sessions?

2013-05-08 Thread Viktor Dukhovni
On Thu, May 09, 2013 at 12:11:38AM +, Viktor Dukhovni wrote: > Has anyone seen the type of problem reported on the postfix-users list today? > > http://archives.neohapsis.com/archves/postfix/2013-05/0158.html > > (and earlier posts upthread). > > TLS handshakes without session resum

Zero length finished messages with resumed sessions?

2013-05-08 Thread Viktor Dukhovni
Has anyone seen the type of problem reported on the postfix-users list today? http://archives.neohapsis.com/archves/postfix/2013-05/0158.html (and earlier posts upthread). TLS handshakes without session resumption succeed, while resumed sessions always fail, with the server sending a ze

C14N for signed XML

2013-05-08 Thread Krzysztof Konopko
Hi, If anyone is interested, I published a blog post about c14n (programming tips). This is not directly related to OpenSSL but as an example it uses generated sample signed XML files (XMLDSig) where the `openssl' tool comes in very handy. http://kriscience.blogspot.co.uk/2013/05/c14n-for-signed-xml.ht

Re: Creating CSR with very long organizationName

2013-05-08 Thread Wim Lewis
On 8 May 2013, at 3:10 AM, Cipriano Groenendal - Byte Internet wrote: > Hey all, > > I'm trying to create a CSR using a very long organizationName, but I keep > getting the message > > 140605698299560:error:0D07A097:asn1 encoding > routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:max

RE: verify self signed x.509

2013-05-08 Thread redpath
Nothing like forgetting to add Algorithms which was the issue ERR_load_BIO_strings(); ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); basically get the public key testrsa = RSA_new(); FILE *fp = fopen("x509public.pem", "r"); if

RE: verify self signed x.509

2013-05-08 Thread Salz, Rich
> 4) But the life of me cannot find how to set the public and verify? Look for one of the openssl command-line programs that does what you want, and then look at that code. In this case apps/verify.c might be useful. /r$ -- Principal Security Engineer Akamai Technology Cambridge, MA

RE: verify self signed x.509

2013-05-08 Thread redpath
Okay so excerpt code shown below. 1) Load the RSA public key 2) Load the x509 3) Create an PKEY 4) But the life of me cannot find how to set the public and verify? I did try a number of functions to set public key with core dump of course. This is just a test sample. testrsa = RSA_new();

Re: CApath in the config file

2013-05-08 Thread Arthur Carcano
On 03/05/2013 00:00, Phil Pennock wrote: On 2013-04-30 at 01:17 +0200, Arthur Carcano wrote: Good evening everyone, Please excuse me if it has already been asked but is there a way to make openssl s_client use my directory with every certificates (as with -CApath) once and for all ? Export $S

Re: Encoding arbitrary AKI value.

2013-05-08 Thread Patrick Patterson
Hi Stefan, On 2013-05-08, at 5:58 AM, Stefan H. Holek wrote: > Hi Patrick, > > The 'keyid' keyword in this case means 'copy from signing cert'. To add > arbitrary values to certificate extensions, you must use the 'arbitrary > extension format': > > http://www.openssl.org/docs/apps/x509v3_con

extensions

2013-05-08 Thread Daniel W
Hello everyone, I want to write a TLS server. Therefore I'd like to use the openssl C API. The server needs to support the TLS extension "Certificate Status Request" and "Trusted CA Indication" from RFC 6066. Does someone know a good tutorial on using TLS extensions with openssl or has already

RE: verify self signed x.509

2013-05-08 Thread Salz, Rich
> How can this individual verify the x.509? I certainly do not want the > receiving site to have private key; they are not the creator of such > documents but simply the receiver for data. An excerpt of code would be most > beneficial. The certificate is signed with the PRIVATE key and verified

verify self signed x.509

2013-05-08 Thread redpath
I searched the forum and could not find a similar question. I have a self signed V3 x.509 file (RSA 512 for simplicity) X509 *x; EVP_PKEY *pk; if ((pk=EVP_PKEY_new()) == NULL){ fprintf(stderr,"err 1\n"); return(1); } rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); //callback,NU

Creating CSR with very long organizationName

2013-05-08 Thread Cipriano Groenendal - Byte Internet
Hey all, I'm trying to create a CSR using a very long organizationName, but I keep getting the message 140605698299560:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=64 I've tried using a local config and in the [ req_distinguished_name ] se

Re: Encoding arbitrary AKI value.

2013-05-08 Thread Stefan H. Holek
Hi Patrick, The 'keyid' keyword in this case means 'copy from signing cert'. To add arbitrary values to certificate extensions, you must use the 'arbitrary extension format': http://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY_EXTENSIONS http://www.openssl.org/docs/crypto/ASN1_generat