Re: Password callback functions per SSL_use_PrivateKey_file

2013-07-24 Thread Karthik Krishnamurthy
Steve, Thanks much for the reply. I did not realize that EVP_PKEY structures can have their own callbacks. It's a few extra hoops, but worth it! Thanks, Karthik On Wed, Jul 24, 2013 at 8:15 AM, Dr. Stephen Henson wrote: > On Tue, Jul 23, 2013, Karthik Krishnamurthy wrote: > >> OpenSSL provides

RE: set client trusted certificates

2013-07-24 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of 133mmx runner >Sent: Wednesday, 24 July, 2013 10:04 >I also generated self signed ssl certificate for my server. My server >is in .Net platform and my client is using openssl API. That means the client is code you wrote? >My client also does n

RE: connection problem with the version 1.0.1e

2013-07-24 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Rajesh Malepati >Sent: Wednesday, 24 July, 2013 13:03 >On Wed, Jul 24, 2013 at 9:30 PM, kirpit wrote: >>... requests to one of our API provider >>... works fine with 0.9.8o but 1.0.1e. >The server doesn't seem to care to respond to clients sup

Re: connection problem with the version 1.0.1e

2013-07-24 Thread Rajesh Malepati
On Wed, Jul 24, 2013 at 9:30 PM, kirpit wrote: > Hi, > > I had been struggling for couple of days to figure out why requests to one > of our API provider simply do not work in Debian Wheezy while it does in > Squeeze. > > I am really not sure if the real problem is about the server it tries to >

Re: RFC in OpenSSL

2013-07-24 Thread Scott Deboy
There is currently support for generic TLS extensions, and I am working on a contribution which would add support for generic Supplemental Data. The two combined would allow an application to support RFC 5878. Scott On Jul 24, 2013, at 12:57 AM, Lionel Estrade wrote: > Hello, > > I am l

Re: Issue with compiling FIPS 2.0.5 with openssl 1.0.1e

2013-07-24 Thread Stacy Devino
I figured it out late last night. The instructions on the documentation area of the site were a bit lacking. (I have made my notes and instruction augmentations). On Wed, Jul 24, 2013 at 7:12 AM, Dr. Stephen Henson wrote: > On Tue, Jul 23, 2013, Stacy Devino wrote: > > > Hello All, > > > >

connection problem with the version 1.0.1e

2013-07-24 Thread kirpit
Hi, I had been struggling for a couple of days to figure out why requests to one of our API providers simply do not work in Debian Wheezy while it does in Squeeze. I am really not sure if the real problem is about the server it tries to connect or a bug in openssl. However, it simply works fine with

Re: RFC in OpenSSL

2013-07-24 Thread Ben Laurie
On 24 July 2013 08:57, Lionel Estrade wrote: > Hello, > > > > I am looking for a SSL/TLS stack for a project based on CVP2 and I need to > know if the following RFCs (which are required by CVP2) are fully/partially > implemented in OpenSSL. > > RFC 4680 - TLS Handshake Messages for Supplemental

Re: set client trusted certificates

2013-07-24 Thread 133mmx runner
Thanks for your reply. I also generated self signed ssl certificate for my server. My server is in .Net platform and my client is using openssl API. My client also does not give any error with my self-signed server certificate. Connection is establishing successfully. I think my client is not vali

Re: OSCP server does not update status

2013-07-24 Thread Patrick Patterson
Hi Steve, On 2013-07-23, at 6:13 PM, Steven Madwin wrote: > Hi Patrick, > > Both you and Dr. Henson have made it clear that the OCSP server > implementation is only to be used for testing. With that in mind, the server > implementation does act as a server and responds to inbound requests via >

Re: Password callback functions per SSL_use_PrivateKey_file

2013-07-24 Thread Dr. Stephen Henson
On Tue, Jul 23, 2013, Karthik Krishnamurthy wrote: > OpenSSL provides multiple SSL objects to be created from a single SSL_CTX > object and each SSL object can use a different privatekey file > (SSL_use_PrivateKey_file). > > Given this flexibility, I don't see an option to have a password callbac

Re: Issue with compiling FIPS 2.0.5 with openssl 1.0.1e

2013-07-24 Thread Dr. Stephen Henson
On Tue, Jul 23, 2013, Stacy Devino wrote: > Hello All, > > I modified the exports to build the FIPS module correctly. > > Using Android NDK 8e, building for API14 using the arm-linux-androideabi > > It builds the FIPs modules correctly and places them in my Home Directory, > which is where I t

Re: RFC in OpenSSL

2013-07-24 Thread Martin Kaiser
Thus wrote Lionel Estrade (lionel.estr...@myriadgroup.com): > I am looking for a SSL/TLS stack for a project based on CVP2 and I > need to know if the following RFCs (which are required by CVP2) are > fully/partially implemented in OpenSSL. > RFC 4680 - TLS Handshake Messages for Supplement

RFC in OpenSSL

2013-07-24 Thread Lionel Estrade
Hello, I am looking for a SSL/TLS stack for a project based on CVP2 and I need to know if the following RFCs (which are required by CVP2) are fully/partially implemented in OpenSSL. RFC 4680 - TLS Handshake Messages for Supplemental Data RFC 5878 - TLS Authorization Extensions RFC - Auth

RE: OSCP server does not update status

2013-07-24 Thread Steven Madwin
Hi Patrick, Both you and Dr. Henson have made it clear that the OCSP server implementation is only to be used for testing. With that in mind, the server implementation does act as a server and responds to inbound requests via http in version 0.9x, but that functionality stopped working in version

RE: OCSP and self signed

2013-07-24 Thread Steven Madwin
The short answer is no. An OCSP response has to be signed by the issuer (or a delegate of the issuer) and a self-signed cert is issued by itself. As a general rule certs can't revoke themselves so there is no need to get a revocation response for a self-signed cert. Steve -Original Message--