Hi
I have done that and compared the output with diff
The only differences are
Serial number
Signature algo
Comment
Signature.
Alex
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jakob Bohm
Sent: Wednesday, 18 March 2015 6:50 AM
To: openssl-users@openssl.org
Subje
In case anyone is following this thread, Matt's suggestion led to the solution.
It turns out we weren't getting a packet from the remote end and all my angst
was for naught. Thanks, Matt, for your help. N
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org
On 16/03/2015 02:46, Alex Samad - Yieldbroker wrote:
Hi
I had a sha1 signed CA and I issued other identity and CA certificates from
this CA.
With the deprecation of sha1 coming, I resigned my original CA (self signed) as
sha512, with the same creation and expiry dates. I believe the only thi
> From: "Dr. Stephen Henson"
> Date: 03/17/15 12:28
> What are the two platforms? That is what does:
First of all, I'm very, very sorry to have posted duplicates of the question.
The web-access email client is, was, a bit on the fuzzy side, stalling and
reporting errors.
It turns out, at
> Ok, so TLS does not handle this.
The current draft of the TLS 1.3 specification includes a field to pad every
data record.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 03/13/15 20:56, Salz, Rich wrote:
> I'm using TLS 1.2 with compression and was wondering if OpenSSL
implements ways to hide the exact length of the message (may be using RFC
6066).
No. What in 6066 were you thinking of trying to use?
___
openss
I'm trying to build a library self-consistent instance of openssl 1.0.2 on
linux/64.
Setting *FLAGS & rpath, although the openssl binary links correctly against its
own {libcrypto,libssl}.so, the libssl.so links against *system*, not its own,
libcrypto.
I've tried a bunch of combinations of *F
On Tue, Mar 17, 2015, jonetsu wrote:
> Hello,
>
> There is a problem with compiling the openssl-1.0.1e.tar.gz
> sources against the FIPS 2.0 canister.
>
> On my machine the following is declared global:
>
> 000dd3c0 T private_AES_set_decrypt_key
> 000dd0f0 T private_AES_set_encr
Hello,
There is a problem with compiling the openssl-1.0.1e.tar.gz
sources against the FIPS 2.0 canister.
On my machine the following is declared global:
000dd3c0 T private_AES_set_decrypt_key
000dd0f0 T private_AES_set_encrypt_key
On another machine, they are declared local
Hello,
There is a problem with compiling the openssl-1.0.1e.tar.gz
sources against the FIPS 2.0 canister.
On my machine the following is declared global:
000dd3c0 T private_AES_set_decrypt_key
000dd0f0 T private_AES_set_encrypt_key
On another machine, they are declared local a
Hello,
There is a problem with compiling the openssl-1.0.1e.tar.gz
sources against the FIPS 2.0 canister.
On my machine the following is declared global:
000dd3c0 T private_AES_set_decrypt_key
000dd0f0 T private_AES_set_encrypt_key
On another machine, they are declared local and
Hello,
There is a problem with compiling the openssl-1.0.1e.tar.gz
sources against the FIPS 2.0 canister.
On my machine the following is declared global:
000dd3c0 T private_AES_set_decrypt_key
000dd0f0 T private_AES_set_encrypt_key
On another machine, they are declared local and
On Tue, Mar 17, 2015, Michael Stickles wrote:
> I am attempting to generate keys using genpkey, with the RSA options
> specified in a parameter file:
>
>
> openssl genpkey -paramfile keygen.params -out ftest.key -outform PEM
>
>
> However, I'm constantly getting the following error:
>
>
> E
I am attempting to generate keys using genpkey, with the RSA options
specified in a parameter file:
openssl genpkey -paramfile keygen.params -out ftest.key -outform PEM
However, I'm constantly getting the following error:
Error reading parameter file keygen.params
I can't find any document
If it fits your needs, you may want to look into using EST (RFC 7030)
instead of SCEP. EST is the replacement for SCEP. The SCEP draft was
never ratified. The libest open source project implements RFC 7030 and
uses OpenSSL. It's available at https://github.com/cisco/libest.
On 03/17/2015 12:
On 17/03/15 00:51, Narada Hess wrote:
> HI,
>
> I have a client application using a single read-write socket in
> non-blocking mode. In C, on Linux, using openssl 1.0.1e. After the
> connection is established and all the initial handshaking is done, the
> client issues SSL_read(), then enters a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/03/15 00:32, Sec_Aficionado wrote:
> Thanks for the heads up. Just to confirm, is this "highest severity
> defect" a yet-to-be-disclosed vulnerability, or a fix for an
> already known one?
This is a previously undisclosed vulnerability.
Matt
17 matches
Mail list logo
