Hi All,
Do we have the exact list of cipher suites supported by default in openssl
for each of the below in 1.1.0g version of openSSL.
TLS 1.0
TLS 1.1
TLS 1.2
DTLS 1.0
DTLS 1.2
Thanks,
Grace
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
* FYI, I came up with following manual solution to correctly build 1.0.2l
static library with FIPS - 2.0.16 on Windows, using Visual Studio 2015. This
seems to work, and I no longer need to carry run time DLLs along with the
application. I feel this should be an acceptable solution. Does any
Thank for your answer, it is very helpful:
I build OpenSSL with a Linux installed on the virtual box.
I think it's much easier than looking for solutions on a Windows.
best regards,
Alexander.
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
--
openssl-users mailing list
> On Nov 14, 2017, at 2:30 AM, Marcus Lundblad
> wrote:
>
> I'm trying to verify a timestamp that was signed using a signer
> certificate that has been issued by an intermediate CA.
> I'm only able to verify when specifying the intermediate CA certificate
> as "-untrusted" and the root CA cert
On 14/11/17 09:40, marcus.schafheu...@gmx.de wrote:
> Hello,
>
> I am referring to the DoS via repeated SSL session renegotiations
> (http://kalilinuxtutorials.com/thc-ssl-dos/).
>
> Prior to OpenSSL 1.1.0 the approach to deactivate client renegotiation
> was to set the corresponding flag via
FYI, I came up with following manual solution to correctly build 1.0.2l static
library with FIPS - 2.0.16 on Windows, using Visual Studio 2015. This seems
towork, and I no longer need to carry run time DLLs along with the application.
I feel this should be an acceptable solution. Does anyone see
Hi,
On 14/11/17 10:25, Richard Levitte wrote:
From the look of that PNG, you're building in a native Windows
environment. The ony configs available in the main source are for
Visual C, and are configured like this:
perl Configure --prefix=D:\openssl\bin shared VC-WIN64A
If you meant to
Hi Marcus,
Try giving -CAfile a concatenated file with both CA certificates inside.
hulk:/tmp $ cat DSS* > chain.pem
hulk:/tmp $ openssl ts -verify -in /tmp/out10.tsp -queryfile /tmp/out10.tsq
-CAfile chain.pem
Verification: OK
Cheers,
-Dave
> On Nov 14, 2017, at 02:30, Marcus Lundblad
>
On 14/11/17 10:44, mahesh gs wrote:
> case SSL_ERROR_SYSCALL:
>
> if (EWOULDBLOCK == errno || EAGAIN == errno)
> {
> /* Nothing to do, retry to connect again */
> }
This doesn't look right. If SSL_connect() fails due to an NBIO event
then you should get SSL_ERROR_WANT_READ or SSL_ERROR_WANT_
Hi,
As per the suggestion from openssl documentation whenever the SSL API
returns SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, The calling process
then must repeat the call after taking appropriate action to satisfy the
needs of SSL_connect().
I am copying the code bits here,
do
{
/* Clear o
On 14 Nov 2017, at 12:00 PM, mahesh gs wrote:
> We have application that provide DTLS security for SCTP connections. During
> our testing we found that API "SSL_connect " fail and always returns
> SSL_ERROR_WANT_READ which causes infinite loop in the application.
Are you properly handling that
Hi All,
We have application that provide DTLS security for SCTP connections. During
our testing we found that API "*SSL_connect* " fail and always returns
SSL_ERROR_WANT_READ which causes infinite loop in the application.
Scenario:
1) On Server side "Client Certificate Request" is enabled by set
Hello,
I am referring to the DoS via repeated SSL session renegotiations (http://kalilinuxtutorials.com/thc-ssl-dos/).
Prior to OpenSSL 1.1.0 the approach to deactivate client renegotiation was to set the corresponding flag via a
callback function, e.g. :
---
SSL *connection;
...
connecti
>From the look of that PNG, you're building in a native Windows
environment. The ony configs available in the main source are for
Visual C, and are configured like this:
perl Configure --prefix=D:\openssl\bin shared VC-WIN64A
If you meant to cross compile for a Linux, I do not have an answer
14 matches
Mail list logo
