I'm seeing a problem where my application cannot initialize the FIPS library
(i.e. the call to FIPS_mode_set fails) when using 1.0.2j libraries. The error I
get is: "FIPS_check_incore_fingerprint:fingerprint does not match:fips.c:232:"
However if I build 1.0.2i libraries, everything is fine. I a
-- Forwarded message --
From: Salz, Rich
Date: Thu, Oct 27, 2016 at 10:27 PM
Subject: RE: osf-contact SignatureValue
To: "Hugo N.Barretto" , "i...@opensslfoundation.org"
Probably more useful to ask your questions on the openssl-users mailing
list; see https://mta.openssl.org
Dear,
Yes I know.
I already extracted both keys from the .p12 file.
My biggest problem is how you can add the original file (in this case
‘RequestFeedbacks.xml’) as attachment? (the signature ‘smime.p7s’ is already
attached)
Thanks for you quick reply and support!
Kind regards,
Lander
Van:
Sorry, my fault.
I think you should use the openssl smime command, but it doesn't work with
PKCS12, so you will have to extract the private and public keys using the
openssl pkcs12 command.
28 окт. 2016 г. 2:34 PM пользователь "Lander Bulckaen"
написал:
> Dear Dmitry,
>
>
>
> The result must be
Dear Dmitry,
The result must be as mentionned below?
Van: openssl-users [mailto:openssl-users-boun...@openssl.org] Namens Dmitry
Belyavsky
Verzonden: donderdag 27 oktober 2016 19:09
Aan: openssl-users@openssl.org
Onderwerp: Re: [openssl-users] Help
Hello
You should use the XMLSec library
> More generally, I have found that it is often useful to heuristically adjust
> server side negotiation options based on clues found in the initial handshake
YES!
See https://github.com/openssl/openssl/pull/1597
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/lis
I cannot seem to use EVP_aes_256_wrap() in FIPS mode. I saw some earlier
discussions on using low level APIs; but I am using the EVP method. Is it
supported? I am using 1.0.2h/2.0.12.
Thanks much
-S
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-u
On 27/10/2016 00:48, Matt Caswell wrote:
On 26/10/16 21:06, Michael Kocum wrote:
1.1.0b fails to negotiate from an old program that uses OpenSSL.
The same old program can connect to 1.0.2h without any problem.
Here is the debug log of the server. Maybe someone can point me in the right
directi
Please note that the below summary contains a few exaggerations. For
instance the duplicate serial numbers seem to have been a software bug
that issued N certificates with the same serial on busy days, while the
backdating seemed much less excusable. The person posting this seems
also to be e
