Re: Increment certificate serial numbers randomly

2014-04-27 Thread Viktor Dukhovni
On Sun, Apr 27, 2014 at 03:47:45PM +0200, Walter H. wrote: > >Is there any way to control the incrementing of the serial number from the > >root CA so that it is completely random, > > No. Whether it is or is not a good idea to store and use issuing CA keys in multiple locations, it *is* possi

Re: Increment certificate serial numbers randomly

2014-04-27 Thread Walter H.
On 26.04.2014 05:52, csa321 wrote: We've generated our own CA for self-signing certificates. The issue is that we package up the openssl install for installation on multiple servers. Therefore, the root CA we create is part of the package as well. the private key of the root CA should only

Increment certificate serial numbers randomly

2014-04-27 Thread csa321
Hello, We've generated our own CA for self-signing certificates. The issue is that we package up the openssl install for installation on multiple servers. Therefore, the root CA we create is part of the package as well. The problem is that since the CA cert will have the same serial number acr

Re: slowness of _ssl.sslwrap() on first call

2014-04-27 Thread summer
Further investigation shows the slowness is happening at _ssl.c line 306, self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */ Is this line of code involving client/server communication yet?

Re: Improving structure and governance

2014-04-27 Thread Awi
As a US-based organization, Apache is unsuited and (given fairly recent public news) untrusted to have any power of a project such as OpenSSL. Additionally, the Apache foundation has accumulated so many important projects over the last few years that they are becoming a single point of failur

slowness of _ssl.sslwrap() on first call

2014-04-27 Thread summer
I am debugging a problem where opening a ssl connection from application A is very slow the first time (30 secs), but it's very fast in subsequent calls. In addition, in another application B, the same ssl connection is fast even for the first time. The profiler shows the slowness is caused by _ssl