certificate verification problem

2014-10-30 Thread thomas
Hi, trying to build a valid certificate chain, I came across the following problem: I have two certificates. The first one, contained in file root_ca.pem, is a self-signed root CA, intended to sign intermediate CAs with. The second one, contained in host_ca.pem, is such an intermediate CA, it

Re: Make depend issue in Openssl-1.0.1j/ssl

2014-10-30 Thread Jay Foster
I ran into this as well, but fixed it. The issue for me was my build environment was for a cross compilation. It had some extra compiler/linker options that caused the compiler to search the sysroot path header files before the ones specified by -I statements. The result was the compiler was

RE: Make depend issue in Openssl-1.0.1j/ssl

2014-10-30 Thread Jeremy Farrell
Suggest you try again starting from a new download (or after checking the digest of your current download). This works fine for me, and many people must have done similar builds without reporting this. If that doesn't work, you'll need to specify the platform you're trying to build on and th

Make depend issue in Openssl-1.0.1j/ssl

2014-10-30 Thread Philip Bellino
Hello, I am running into the following issue when I do a "make depend" (after the "./config shared no-ssl3"): making depend in ssl... make[3]: Entering directory '.../openssl-1.0.1j/ssl' s3_lib.c:3370:4: #error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. d1_lib.c:27

Re: Expected results for testing Poodlebug using OpenSSL CLI

2014-10-30 Thread Jakob Bohm
On 29/10/2014 21:14, Paul Konen wrote: Hi, I found on the web a way to use your tool to test for the new vulnerability called Poodlebug. The command is: openssl s_client -connect ip:port -ssl3 I feel that I have tomcat configured to use TLS only and this is the response back. When I execu

Re: EC PrivateKey format

2014-10-30 Thread Dr. Stephen Henson
On Thu, Oct 30, 2014, Carl Tietjen wrote: > Hey folks, > > I am trying to get (export) a raw EC private key in the PKCS#8 format. > > I am using the function i2d_PrivateKey (in i2d_pr.c). The problem is that > this code first checks to see if there is an old method (i.e. > a->ameth->old_priv_

EC PrivateKey format

2014-10-30 Thread Carl Tietjen
Hey folks, I am trying to get (export) a raw EC private key in the PKCS#8 format. I am using the function i2d_PrivateKey (in i2d_pr.c). The problem is that this code first checks to see if there is an old method (i.e. a->ameth->old_priv_encode) and if there is, it uses that method and returns.

Re: EVP_verify APIs

2014-10-30 Thread Dr. Stephen Henson
On Thu, Oct 30, 2014, Gayathri Manoj wrote: > Hi Matt, > > Currently I am getting the signed hash message from some other entity. So I > can't make changes for the signing part. > My current implementation is phone will send the signed hash message and > our application will decrypt the signed me

Re: Windows and p12 files [Solved] sorta;

2014-10-30 Thread Gregory Sloop
Gregory, >> * - Windows indeed will not handle a .p12 cert+key with the PKCS5 v2 [i.e. >> aes-256] encryption on it. It appears to only handle 3DES. [I didn't test >> every possible PBE - just 3DES and AES256] The Microsoft Windows operating system uses Cryptographic Service Provider (CSP

RE: How to get https web site certificate public key

2014-10-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jerry OELoo > Sent: Tuesday, October 28, 2014 04:20 > Now I use i2d_RSAPublicKey() to encode on RSA* from EVP_PKEY which > will show same as [Chrome] > > One more thing, I find use i2d_RSAPublicKey() will be get same public > between openssl A

certificate

2014-10-30 Thread Amir Reda
Dear all, I made C++ code for a client and server; the server is the CA. The client sends a request to the CA server and the server replies with a certificate. Then I have tried some options: 1- the server can verify the certificate using function chekcert(X509 *) 2- the client can convert the certificate into in

Re: EVP_verify APIs

2014-10-30 Thread Gayathri Manoj
Hi Matt, Currently I am getting the signed hash message from some other entity. So I can't make changes for the signing part. My current implementation is phone will send the signed hash message and our application will decrypt the signed message by using RSA_public_decrypt() and then we compare t

Re: Expected results for testing Poodlebug using OpenSSL CLI

2014-10-30 Thread Florian Weimer
* Paul Konen: > Is the above window showing that it was NOT able to make a SSLv3 connection? Yes, the output is certainly confusing, but it indicates an aborted SSL 3.0 handshake.

RE: Help

2014-10-30 Thread bernard Hauzeur
You may have missed the OpenSSL wiki, which is not always obvious to reach when you start …. Do not forget to initialize OpenSSL in your code as explained at http://wiki.openssl.org/index.php/Libcrypto_API A good place to get a grip on the relev