Re: [openssl-users] General approach for keeping a client cert from openssl

2016-12-19 Thread Andy Green
On Mon, 2016-12-19 at 10:21 -0800, Kyle Hamilton wrote:
> You cannot keep the certificate from OpenSSL, as that's the piece
> that you share with the remote side.  This contains the public key,
> and the information bound to that public key by the CA.

Right.

> However, you can keep the private k

Re: [openssl-users] Setting tlsext_hb_pending in OpenSSL 1.1.x

2016-12-19 Thread Salz, Rich
> Basically, the SSL structure used to contain tlsext_hb_pending variable. After
> looking up, I found out there is now a function to get the value of 'pending'.
> What I need is to set the value. How can I do that now with 1.1.x?

It seems that when the structures were made opaque, we didn't reali

Re: [openssl-users] General approach for keeping a client cert from openssl

2016-12-19 Thread Kyle Hamilton
You cannot keep the certificate from OpenSSL, as that's the piece that you share with the remote side. This contains the public key, and the information bound to that public key by the CA. However, you can keep the private key from being seen by OpenSSL. There exists what is called an ENGINE int

Re: [openssl-users] Problem with certificate check when it does not match CN

2016-12-19 Thread Viktor Dukhovni
> On Dec 19, 2016, at 2:12 AM, Brice André wrote:
>
> On self-written client side, I use C++ code whose soap part is generated by
> gsoap. You will find attached the generated code, as well as the wrapper that
> I wrote and that uses the generated code). I also use openssl (1.0.1j 15 Oct
> 20

[openssl-users] General approach for keeping a client cert from openssl

2016-12-19 Thread Andy Green
Hi - I have a situation coming up that is similar to a client cert being held on a secure key store, like a key vault. We need to be able to perform TLS communication with a remote server using the key, but without giving the key to OpenSSL. The "other side" of the "key vault" is smart, and we c