Country Name field in CA generated by openssl is encoded as PRINTABLESTRING

Country Name field in CA generated by openssl is encoded as PRINTABLESTRING while other fields are UTF8STRING I am generating a CA certificate with openssl version 1.0.1e with the following commands: openssl ecparam -out ec_key.pem -name secp384r1 -genkey openssl req -new -key ec_key.pem -x509 -n

Re: Is my process correct.

"openssl verify" does the trick. http://www.openssl.org/docs/apps/verify.html# And to test if the key and the cert belong together: openssl x509 -in $cert -noout -modulus | openssl md5 openssl rsa -in $key -noout -modulus | openssl md5 If the md5 sums don't match, the key or the cert is inval

RE: cannot open certdb

> From: owner-openssl-us...@openssl.org On Behalf Of Rodney Simioni > Sent: Wednesday, 19 June, 2013 10:15 > Comments inline. > > From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson > Sent: Tuesday, June 18, 2013 10:29 PM > >Here's the command that I used to create the CA. > >Here'

RE: Is my process correct.: openldap using GeoTrust

>From: owner-openssl-us...@openssl.org On Behalf Of Rodney Simioni >Sent: Thursday, 20 June, 2013 12:04 >A key/pair was sent to me from my admin and it looked like it came >from GeoTrust. It's a wildcard cert. A privatekey (which in most formats including openssl's is really a keypair) and a m

OpenSSL 1.0.1E and FIPS 2.0.x?

I've searched archives for an answer, but found nothing obvious - if we move from OpenSSL 1.0.1c (with FIPS OM 2.0) to OpenSSL 1.0.1e, do we also have to move ahead to latest version of FIPS OM which appears to be 2.0.4? Thanks +-+-+-+-+-+-+ Dave McLellan, Symmetrix Software Engineering EMC Corp

Is my process correct.

Hi, A key/pair was sent to me from my admin and it looked like it came from GeoTrust. It's a wildcard cert. I downloaded the Root CA from GeoTrust 's web site because LDAP requires the CA file. What command do I use to make sure the key/pair that was sent to me is compatible with Geo

OpenSSL Help

Hi; I am using openssl for CI Plus implementation. There are some key computations required. These keys are refered as Authentication Key (AKH) and Secured Channel Key (SAK, SEK). Please let me know which APIs from openssl code / library will help me for it. If you have any reference code / l

Re: Diffie Hellman problem

Amazing, it was a version problem. I've only wasted two days trying to understand what's wrong with my code and doing tests. Thanks everyone for you help!! Aleix Ventayol | Mobile Jazz C. Nàpols, 187, 9º, 08013 Barcelona http://mobilejazz.cat

RE: Creating certificates

Read my comments please. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Patrick Patterson Sent: Wednesday, June 19, 2013 7:50 PM To: openssl-users@openssl.org Subject: Re: Creating certificates Hi Rodney, First of all, this

Installing openssl-devel-1.0.1e

Hi , I have installed openssl 1.0.1e, using rpm -ivh --nosignature http://rpm.axivo.com/redhat/axivo-release-6-1.noarch.rpm yum --enablerepo=axivo update openssl Now i need to install devel package too. when i do yum install openssl-devel. i see warnings and log such as: Protected multilib vers

Re: openssl 1.0.1e Signature verification problems

On Thu, Jun 20, 2013, anand rao wrote: > The output of command "openssl asn1parse -i -in cacert.pem"  is > >     0:d=0  hl=4 l= 872 cons: SEQUENCE >     4:d=1  hl=4 l= 729 cons:  SEQUENCE >     8:d=2  hl=2 l=   3 cons:   cont [ 0 ] >    10:d=3  hl=2 l=   1 prim:    INTEGER           :02 >    13:d

Re: Diffie Hellman problem

On Thu, Jun 20, 2013, Aleix Ventayol wrote: > Hi Dave, > > I've tried my code again and I get the following error: > > 330098688:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string > too > long:/SourceCache/OpenSSL098/OpenSSL098-47.1/src/crypto/asn1/a_mbstr.c:154:maxsize=64 > 433009

Re: Diffie Hellman problem

Hi Dave, I've tried my code again and I get the following error: 330098688:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:/SourceCache/OpenSSL098/OpenSSL098-47.1/src/crypto/asn1/a_mbstr.c:154:maxsize=64 4330098688:error:0B07806F:x509 certificate routines:X509_PUBKEY_set