RE: Can the returned header be disabled?

2013-07-16 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Seth Rice
>Sent: Tuesday, 16 July, 2013 17:59
>I'm running OpenSSL 1.0.0-fips 29 Mar 2010. I made a jump from
>a 2009 build yesterday and noticed my scripts were returning data
>that I didn't expect to see.
>It turns out that openssl now repli

End of the line for OpenSSL Fips?

2013-07-16 Thread Nou Dadoun
Since I hadn't looked for a while, I thought that I'd see where the current Openssl FIPS work stood and found this: http://www.opensslfoundation.com/fips/ig95.html Surprised that I hadn't heard about this previously but if I'm reading it correctly, it seems to effectively kill any future Openss

RE: Re: OSCP request

2013-07-16 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of redpath
> Sent: Tuesday, 16 July, 2013 11:13
> I was able to piece together a test application (enclosed
> below) which loads an x509 file and performs
> an OSCP request programmatically. I created a server to dump
> what is written at the po

RE: How to specify timeout for openssl s_client ?

2013-07-16 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Nayna Jain
> Sent: Monday, 15 July, 2013 11:49
> It takes some time for my server to respond to openssl
> s_client connection request.
> However, openssl s_client times out before the response.

Are you using DTLS with -timeout? Otherwise, and

RE: Connection getting terminated after OCSP Resonse is send my OCSP Responder.

2013-07-16 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of deepak.kathuria
> Sent: Monday, 15 July, 2013 23:31
> I am using openssl OCSP utility as OCSP Responder in linux
> platform. Once
> OCSP Responder receives OCSP Request it will send OCSP Response and
> terminate the TCP connection by sending FI

Can the returned header be disabled?

2013-07-16 Thread Seth Rice
I'm running OpenSSL 1.0.0-fips 29 Mar 2010. I made a jump from a 2009 build yesterday and noticed my scripts were returning data that I didn't expect to see. It turns out that openssl now replies with something I'll call the "depth header". This is data that I can't seem to suppress from being sh

Re: Extracting data from custom extension

2013-07-16 Thread Wim Lewis
On 15 Jul 2013, at 4:24 PM, jimits10 wrote:
> I have a custom extension with test oid 1.2.3.4.5. I try to extract the oid
> data in the following manner:
[]
> On investigating I found that ASN1 String was encoded in the form that it
> had 04 at the start to denote ASN1 coding followed by the l

Extracting data from custom extension

2013-07-16 Thread jimits10
I have a custom extension with test oid 1.2.3.4.5. I try to extract the oid data in the following manner:
int custom_nid=OBJ_create("1.2.3.4.5","sampleAlias","sample");
int custom_idx=X509_get_ext_by_NID(cert,custom_nid,-1);
X509_EXTENSION *extension=X509_get_ext(cert,custom

Clang/LLVM and Building with a Debug Configuration?

2013-07-16 Thread Jeffrey Walton
Hi All, I'm trying to run OpenSSL through Clang's scan-build (http://clang-analyzer.llvm.org/scan-build.html). According to the page, I should be configuring and building a debug configuration (both through scan-build). Does OpenSSL supply a 'generic' debug configuration? Or should I use Ben Laur

Connection getting terminated after OCSP Resonse is send my OCSP Responder.

2013-07-16 Thread deepak.kathuria
Hi, I am using openssl OCSP utility as OCSP Responder in linux platform. Once OCSP Responder receives OCSP Request it will send OCSP Response and terminate the TCP connection by sending FIN for TCP Connection. Why is the OCSP responder trying to close the connection? Is there any way by which OCSP Respond

Re: OSCP request

2013-07-16 Thread redpath
I was able to piece together a test application (enclosed below) which loads an x509 file and performs an OSCP request programmatically. I created a server to dump what is written at the port. The result is shown below. POST [ /][Content-Type:application/ocsp-request] [Content-Length:113] 0o0m0F0

Re: OSCP request

2013-07-16 Thread Dr. Stephen Henson
On Tue, Jul 16, 2013, redpath wrote:
> To make this more clear, I simply have an X509 and want to programmatically
> create a OSCP request to check status for the cert.

You also need the CA certificate as the hash of the CA public key is needed.

> There are no examples other than openssl comm

RE: OSCP request

2013-07-16 Thread Salz, Rich
> There are no examples other than openssl commands, I have a program on a
> device and need to programmatically check x509 periodically.

That is generally true of most openssl-based "applications". You'll have to start by reading and learning apps/ocsp.c

/r$
-- Principal Security Eng

Re: OSCP request

2013-07-16 Thread redpath
To make this more clear, I simply have an X509 and want to programmatically create a OSCP request to check status for the cert. There are no examples other than openssl commands, I have a program on a device and need to programmatically check x509 periodically. Thanks in advance.