OCSP pregeneration

2020-05-07 Thread Kyle Hamilton
Is there a way to have OpenSSL's command line generate OCSP responses for every entry in index.txt, without having to go through the process of generating a blank (no-nonce, unsigned) request and then generating a response to each one for each serial number therein? -Kyle H

Re: mutual-TLS / mTLS Example with certificate problem

2020-05-07 Thread Kyle Hamilton
On a tangent, this file format (and order) was actually finally standardized as "application/pem-certificate-chain" by RFC 8555 section 9.1 (the Automatic Certificate Management Environment protocol, or ACME).

On Wed, May 6, 2020 at 2:59 PM Michael Wojcik wrote:
> Get rid of the call to use_certi

Re: mutual-TLS / mTLS Example with certificate problem

2020-05-07 Thread Raja Ashok
Hi Andreas, The repo below has examples of using OpenSSL for mTLS (mutual certificate authentication) with sample certificates. You can refer to this.
https://github.com/TalkWithTLS/TalkWithTLS/blob/master/src/sample/openssl_tls13_server_both_auth.c
https://github.com/TalkWithTLS/TalkWithTLS/blob/master/s

Re: mutual-TLS / mTLS Example with certificate problem

2020-05-07 Thread Andreas Tengicki
Hello Michael, thank you and Viktor for your fast help. Viktor's annotations I don't fully understand. Sure, there is the openssl test server and client, but the source code is complex for everyone who is new to these encryption tasks. But testing with openssl was a valuable notice: 1) openssl vs op

Re: openssl 3 alpha 1 test failures on AIX

2020-05-07 Thread Matt Caswell
On 07/05/2020 01:22, Norm Green wrote:
> All tests on AIX fail like this.  Is this a known issue?  What debugging
> information is needed?  Should I open an issue on github?

Yes - please open an issue on github.

>
> Also note I had to set LD_LIBRARY_PATH to the SSL build directory to get
> th

Re: mutual-TLS / mTLS Example with certificate problem

2020-05-07 Thread Matt Caswell
On 06/05/2020 19:44, Andreas Tengicki wrote:
>     SSL_CTX_set_ecdh_auto(srvCtx->ctx, 1);

Viktor and Michael have already provided some excellent advice on this so I won't cover the same ground. Just one note on this line though - this is actually unnecessary in modern versions of OpenSSL (anythin