RE: OpenSSL PKI Tutorial updated

2014-03-28 Thread Michael Wojcik
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Zack Williams > Sent: Thursday, 27 March, 2014 20:26 > > On Thu, Mar 27, 2014 at 2:47 AM, Stefan H. Holek wrote: > > No reason. Just for maximum compatibility. Every software can do SHA1. But > this c

Question on ECC (openssl vs wcurve)

2014-03-28 Thread Gayathri Sundar
Hi All, Have a basic ECC question, I have a predefined scalar K, and I used the x9.62 256 prime curve. Invoking the scalar multiplication method EC_POINT_mul with the generator of that curve, I get a different output, when compared with wcurve of python. The curve is fixed, K is fixed but the ge

Enabling s_server to use a local CRL file

2014-03-28 Thread Lakshmi Reguna
Hi, I would like to know how I can specify s_server to use a local CRL file. Do I need to specify a LDAP CRL distribution field in the certificate which is being checked against the CRL ? Thanks, Lakshmi. *** Please note that this message and any attachments may contain confidential and pro

Re: Error Using FIPS compliant OpenSSL Library Files in VC++ in Visual Studio 2005

2014-03-28 Thread imran.sherdin
*Dear OpenSSL users, I would like to post my successful compilation of FIPS compliant OpenSSL Regards Imran Sher Din * *= Building OpenSSL for Visual Studio 2005/2008/2010 =* *= Req

Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

2014-03-28 Thread imran.sherdin
Dear OpenSSL users, I would like to post my successful compilation of FIPS compliant OpenSSL Regards Imran Sher Din *= Building OpenSSL for Visual Studio 2005/2008/2010 =* *= Requirements

Re: How to swap engines / register functionality on the fly

2014-03-28 Thread axisofevil
Well , now this one: HSM_Sign EVP_DigestSignFinal FAIL rc: 0 error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library. However I have a separate test app that does not exhibit this [ the test app just does one signing, using HSM ]. -- View this message in context: htt

Re: Are certificates exchanged in for eNULL ciphers?

2014-03-28 Thread Deepti Jindal
Thanks Viktor and Steve. :) -- View this message in context: http://openssl.6102.n7.nabble.com/Are-certificates-exchanged-in-for-eNULL-ciphers-tp48952p48993.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __

Re: ECDHE-ECDSA Support

2014-03-28 Thread Rob Stradling
On 27/03/14 13:17, Rob Stradling wrote: Hi Thomas. I was told a while ago that Google's servers will only negotiate ECDHE-ECDSA if the client i) sends the SNI extension and ii) does _not_ offer any compression methods. IINM, s_client always offers zlib compression if zlib support is compiled in

Re: How to swap engines / register functionality on the fly

2014-03-28 Thread axisofevil
Makes sense, thanks. However, at EVP_DigestSignFinal(mdctx, sig_der, &sig_len) I get rc: 0 error:2606C043:engine routines:ENGINE_FREE_UTIL:passed a null parameter ( I had had this before ). Parms for EVP_DigestSignFinal seem OK. -- View this message in context: http://openssl.6102.n7.nabble