Hi Matt,
Sorry for the late answer.
On Mon, Oct 23, 2017 at 04:31:02PM +0100, Matt Caswell wrote:
>
>
> On 23/10/17 16:16, Olivier Houchard wrote:
> > Hi,
> >
> > I'm trying to use OpenSSL 1.1.1 to accept or reject early data based on
> > the SNI, and I'm a bit confused on how to do so.
> > Th
Hello all,
First, some config info:
OpenSSL v1.0.1t
PLATFORM=arm-linux-
OPTIONS=enable-tls enable-threads enable-shared
--cross-compile-prefix=arm-linux- -pthread --prefix=/usr/local
no-ec_nistp_64_gcc_128 no-gmp no-idea no-jpake no-krb5 no-md2 no-mdc2 no-rc5
no-rfc3779 no-ripemd no-sctp no-ss
Hi Jayalakshmi,
Is your implementation OSS or intellectual property? If it is OSS can you
please provide the URL?
Regards,
Freemon
On Wed, Oct 25, 2017 at 1:06 PM, Jayalakshmi bhat <
bhat.jayalaks...@gmail.com> wrote:
> Hi All,
>
> Our device uses TPM to protect certificate private keys. We hav
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Michael Richardson
> Sent: Wednesday, October 25, 2017 18:37
>
> Jakob Bohm wrote:
>
> > Please beware that many TPM chips were recently discovered to contain a
> > broken RSA key generation algorithm, so publi
Hi everyone,
When I execute ENGINE_by_id ('pkcs11') I get a ENGINE structure where
load_ssl_client_cert (ENGINE_SSL_CLIENT_CERT_PTR type) is null.
I'm using Gemalto and Athena cards.
Is this behavior related to a card or a pkcs11 engine?
This is a problem because calling SSL_CTX_set_client_cert_
On 26/10/17 16:43, Grace Priscilla Jero wrote:
> Thankyou for the responses.
> We figured the issue. But now we are getting error -5 from "SSL_connect"
> and the errno is set to 22 which means invalid argument.
> Is there a easy way to debug or get logs for SSL_connect.
>
> Below is the sequence
Thankyou for the responses.
We figured the issue. But now we are getting error -5 from "SSL_connect"
and the errno is set to 22 which means invalid argument.
Is there a easy way to debug or get logs for SSL_connect.
Below is the sequence for the dtls udp connect that we are trying.
ssl = SSL_new(c
On 26/10/17 13:50, Kadlecsik József wrote:
> Hi Matt,
>
> On Thu, 26 Oct 2017, Matt Caswell wrote:
>
> Oct 20 18:50:05 mail2 dovecot: imap-login: Debug: SSL error: SSL_read()
> failed: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
>>>
>>> But why SSL_read() failed wit
Hi Matt,
On Thu, 26 Oct 2017, Matt Caswell wrote:
> >>> Oct 20 18:50:05 mail2 dovecot: imap-login: Debug: SSL error: SSL_read()
> >>> failed: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
> >
> > But why SSL_read() failed with this error message?
>
> That I can't explain since
On 10/26/2017 3:33 AM, Michael Ströder wrote:
Michael Richardson wrote:
Jakob Bohm wrote:
wow, further evidence that everything needs an upgrade path.
From the viewpoint of hardware vendors the upgrade path is selling new
hardware. It's simply like that. Not very sustainable...
All the T
On 26/10/17 13:28, Kadlecsik József wrote:
> Hi,
>
> On Thu, 26 Oct 2017, Matt Caswell wrote:
>
>>> Oct 20 18:50:05 mail2 dovecot: imap-login: Debug: SSL error: SSL_read()
>>> failed: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
>>>
>>> The openssl package is 1.1.0f-3.
>>>
>
Hi,
On Thu, 26 Oct 2017, Matt Caswell wrote:
> > Oct 20 18:50:05 mail2 dovecot: imap-login: Debug: SSL error: SSL_read()
> > failed: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
> >
> > The openssl package is 1.1.0f-3.
> >
> > The error messsage is total cryptic to me: how c
On 26/10/17 11:22, Kadlecsik József wrote:
> Hello,
>
> We upgraded one of our dovecot servers to debian stretch with dovecot
> 2.2.27 and since then an alpine MUA user has been experiencing random IMAP
> failures.
>
> We enabled debugging at both sides, the client tells only:
>
> {}INBO
In message
on Wed, 25 Oct 2017 22:36:45 +0530, Jayalakshmi bhat
said:
bhat.jayalakshmi> Our device uses TPM to protect certificate private
bhat.jayalakshmi> keys. We have written engine interface to integrate
bhat.jayalakshmi> TPM functionality into OpenSSL. Thus TPM gets loaded
bhat.jayalaksh
On 25/10/17 18:02, Jayalakshmi bhat wrote:
> Hi Matt,
>
> Thanks a lot. This helps me. I had seen different options for OpenSSL
> 1.0.1e versions. Hence had some confusions.
> Does this means, options specified here only can be used for OpenSSL
> 1.0.2x releases.
The INSTALL file is specific to
Hello,
We upgraded one of our dovecot servers to debian stretch with dovecot
2.2.27 and since then an alpine MUA user has been experiencing random IMAP
failures.
We enabled debugging at both sides, the client tells only:
{}INBOX: [CLOSED] IMAP connection broken (server response)
and we co
Michael Richardson wrote:
>
> Jakob Bohm wrote:
> >> I wanted to know when we use engine instance for encyrption/decryption
> >> operation, can it be done selectively?
>
> > Please beware that many TPM chips were recently discovered to contain a
> > broken RSA key generation algo
17 matches
Mail list logo
