Hi,
I’m trying to create a signed certificate from a CA certificate without
creating a CSR first. From the doc, I came up with this command:
```
openssl req -CA ca.crt -CAkey ca.key -key leaf.key -subj ‘/CN=leaf’ -out
leaf.crt
```
However,
```
openssl x509 -in leaf.crt -text -noout
```
repor
Hello All,
Has anyone tried using the FIPS provider on iOS and got it uploaded and
successfully reviewed by Apple?
Apple won't let you just put the 'fips.dylib' in your app's bundle so we've
wrapped it in a iOS Framework Bundle, which solves some of the problems. But
Apple are scanning the dyl
You might want to dump out the OpenSSL error queue to see if there are
any hints.
For example:
ERR_print_errors_fp(stdout);
Matt
On 26/01/2022 16:11, Gregory Letaille wrote:
Hi
I retrieved and compiled official openssl 3 version from openssl site
configure the project with such command l
Hi
I retrieved and compiled official openssl 3 version from openssl site
configure the project with such command line
perl Configure enable-fips VC-WIN32 --debug
--prefix=D:\outssl\Dll\x32\debug --openssldir=D:\outssl\ssl
nmake
nmake install
debug and release version tested
all seems fine eve
Hello,
I have a PEM file on the device which can contain an
encrypted/non-encrypted private key. When it's encrypted, it's using
PBES/PBKDF. The file is accessed from a C++ application which uses the
OpenSSL library. If the key is encrypted, then it should be PKCS#8, but
checking it is PKCS
On 26/01/2022 11:27, Jan Lana wrote:
Hi,
When I run
openssl ciphers -v -provider fips | grep TLS_CHACHA20_POLY1305_SHA256
it shows this non complain cipher is available.
This looks correct behaviour to me. Your openssl.cnf file is explicitly
activating the default provider. The "-provi
Hi,
When I run
openssl ciphers -v -provider fips | grep TLS_CHACHA20_POLY1305_SHA256
it shows this non complain cipher is available. To add '-propquery
fips=yes' argument does not help. IMHO it is not correct behavior.
I have the default and fips providers enabled in openssl.cnf:
ope
