On 04/05/2018 02:16, Lunessia wrote:
Hello everyone,
I've been having various troubles with installing and compiling OpenSSL.
I started with 1.1.1-pre6, and my Perl client will tell me that I
don't have NASM even if I have it installed (If I use VC-WIN64A) or
output "If you want to report a bui
Hello everyone,
I've been having various troubles with installing and compiling OpenSSL.
I started with 1.1.1-pre6, and my Perl client will tell me that I don't
have NASM even if I have it installed (If I use VC-WIN64A) or output "If
you want to report a building issue, please include the output fr
Hi All,
In addition to the my previous mail, this is additional info
objdump -t libcrypto.so.1.0.0 | grep FIPS_signature
001ad8b0 l O .data 0014 FIPS_signature
readelf -a libcrypto.so.1.0.0 | grep FIPS_signature
11812: 001ad8b020 OBJECT LOCAL DEFAULT 23 FIPS_signatu
> On May 3, 2018, at 3:06 AM, Anil kumar Reddy
> wrote:
>
> The issue is:
> I am unable to find out the exact command lines or c/c++ program functions to
> prove the SignedCertificate.pem is signed or not. I have spent more than one
> day on researching, but I am end up with confusion. I do
Hi All,
I am building FIPS supported OpenSSL in yocto for ARM architecture. I tried
using openssl-fips-2.0.13 and openssl-fips-2.0.4
I am building FIPS externally with the below environmental settings
---
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of morthalan
> Sent: Thursday, May 03, 2018 05:51
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] How to prove a Certificate is Signed or not
>
> But In my case, I do not have any root certificate. I have on
I got two Ideas. I can verify the certificate by comparing the issuer name
char *s = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
char *i = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
int rc = strcmp(s, i);
verifying with public key
EVP_PKEY *caPubkey = X509_get_pubkey(s
You could:
- Check subject and issuer for sameness.
- Verify the signature with the certificate’s own key. A positive verification
indicates self-signed.
> On May 3, 2018, at 7:18 AM, Salz, Rich via openssl-users
> wrote:
>
>
>
> On 5/3/18, 4:24 AM, "morthalan" wrote:
>
>No, technica
>After the generation of SignedCertificate.pem. I would like to write
function to verify the SignedCertificate.pem, whether it is signed or not.
That is still not an accurate description. By definition, a certificate is
*signed data.* It appears as a bitstring in the X509 data structu
Sorry for the insufficient explanation on what I did.
I have implemented one c++ code(csrReq.cpp) to generate certificate signing
request(certReq.pem) along with private key(csrPkey.pem). Another c++ code
(signcode.cpp)is to read the user data from certReq.pem and generate the
Signed Certificate(S
On 5/3/18, 4:24 AM, "morthalan" wrote:
No, technically not. I am just searching for a simple method just to check a
certificate is signed by CA or not.
Because. Something like signing check, I am not quite sure, I do not have
proper knowledge on Openssl.
If you have a ce
a root cert is the self signed cert.
On Thu, May 3, 2018 at 2:50 AM, morthalan
wrote:
> But In my case, I do not have any root certificate. I have only one signed
> certificate (SignedCertificate.pem) and one certificate signing request
> (certReq.pem) . So when I use it as below
>
> openssl ve
But In my case, I do not have any root certificate. I have only one signed
certificate (SignedCertificate.pem) and one certificate signing request
(certReq.pem) . So when I use it as below
openssl verify -CAfile SignedCertificate.pem SignedCertificate.pem
I am getting error "error 20 at 0 depth
openssl verify -CAfile your_ca_cert.pem SignedCertificate.pem
Hope that helped
Cheers,
Richard
In message <1525335799770-0.p...@n7.nabble.com> on Thu, 3 May 2018 01:23:19
-0700 (MST), morthalan said:
morthalaanilreddy> No, technically not. I am just searching for a simple method
just to chec
Or using the javascript interface
https://www.npmjs.com/package/sack.vfs#interface
https://github.com/d3x0r/sack.vfs/blob/master/tests/tlsTest.js#L28
if( vfs.TLS.validate( {cert:signedCert3, chain:signedCert2+cert} ) )
console.log( "Chain is valid." );
On Thu, May 3, 2018 at 12:36 AM, J Dec
Hi,
While doing a openssl s_time command I find that by default it tries for
Session Id Reuse. "Now timing with session id reuse."
In case if we don't want openssl to reuse session id's how can we configure
openssl in the application for the same.
The application here is acting as a server.
I
No, technically not. I am just searching for a simple method just to check a
certificate is signed by CA or not.
Because. Something like signing check, I am not quite sure, I do not have
proper knowledge on Openssl.
d3x0r wrote
> https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc
https://github.com/d3x0r/sack.vfs/blob/master/src/tls_interface.cc#L1538
this routine does cert validation but I don't thkn that's what you want
this verified on a connection
https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L274
which boils down to
SSL_get_peer_certificate
Hi everyone,
I am new to opennssl and now I am completely confused. Please help me out
to solve my issue.
I have implemented a code to sign the given CSR certificate (certReq.pem),
then generate openssl signed Certificate (SignedCertificate.pem) using the
details of certReq,pem. The code is like
19 matches
Mail list logo
