Re: [openssl-users] OpenSSL behavior for NULL characters

2017-02-13 Thread Anamitra Dutta Majumdar
It is a home grown HTTPS server. Anamitra Dutta Majumdar Product Security Architect Office: 4152663903 Email: amajum...@splunk.com Splunk Inc. San Francisco | Cupertino | London | Hong Kong | Washington D.C. | Seattle | Plano | Singapore | Munich | Tokyo | Sh

[openssl-users] OpenSSL behavior for NULL characters

2017-02-13 Thread Anamitra Dutta Majumdar
t the NULL characters. Anamitra Dutta Majumdar Product Security Architect Office: 4152663903 Email: amajum...@splunk.com Splunk Inc. San Francisco | Cupertino | London | Hong Kong | Washington D.C. | Seattle | Plano | Singapore | Munich | Tokyo | Shanghai -- opens

Re: Private Key Format Different in FIPS Mode

2013-06-12 Thread Anamitra Dutta Majumdar (anmajumd)
Also I found that this works fine with openssl 1.0.1, where keys are generated in FIPS mode with the following line. Can someone let me know why this change in behavior between 0.9.8l and 1.0.1? -----BEGIN DSA PRIVATE KEY----- Thanks, Anamitra On 6/12/13 12:01 PM, "Anamitra Dutta Maj

Private Key Format Different in FIPS Mode

2013-06-12 Thread Anamitra Dutta Majumdar (anmajumd)
We are using OpenSSL version 0.9.8l, and what we find is that the DSA private key formats are different in FIPS and non-FIPS mode. In FIPS mode it starts with -----BEGIN PRIVATE KEY----- whereas in non-FIPS mode it starts with -----BEGIN DSA PRIVATE KEY----- I understand that this is expected s

Re: PKCS12 keystore creation failing in fips mode

2013-05-30 Thread Anamitra Dutta Majumdar (anmajumd)
Hello Steve , Thanks for your response. Is there a corresponding API where we can impose this descert option? -Anamitra On 5/29/13 6:15 PM, "Dr. Stephen Henson" wrote: >On Wed, May 29, 2013, Anamitra Dutta Majumdar (anmajumd) wrote: > >> We are trying to create pkcs12

PKCS12 keystore creation failing in fips mode

2013-05-29 Thread Anamitra Dutta Majumdar (anmajumd)
We are trying to create pkcs12 keystore in FIPS mode using OpenSSL 1.0.1 and it fails with the following error 9uo8bYe2YpDmqEgC[root@vos-i/usr/local/platform/bin/openssl pkcs12 -export -in tomcat.pem -inkey ../keys/tomcat_priv.pem -out tomcat.keystore Enter Export Password: Verifying - Enter Expor

openssh_DSA_verify_inFIPS EVP_VerifyFinal BAD SIG code:-1 ERROR

2012-11-13 Thread Anamitra Dutta Majumdar (anmajumd)
We are getting the following error in the syslogs secure:Nov 9 19:32:04 cls2-pub authpriv 3 sshd[9526]: error: openssh_DSA_verify_inFIPS EVP_VerifyFinal BAD SIG code:-1 when we connect between two servers using ssh key based authentication. This issue happens only in FIPS mode and not in non FI

Re: sslv3 alert bad certificate:s3_pkt.c:1065:SSL alert number 42

2012-10-26 Thread Anamitra Dutta Majumdar (anmajumd)
Hi Dave, This is a close box without a server operator. Is there a way to determine why the cert chain was Disliked. Thanks, Anamitra On 10/26/12 3:14 PM, "Dave Thompson" wrote: >>From: owner-openssl-us...@openssl.org On Behalf Of Anamitra Dutta >>Majumdar >(anmaj

Re: Parsing pkcs7 bag of certificates

2011-12-16 Thread Anamitra Dutta Majumdar
Hi Dave, Thanks a lot for your response. I will try this out. Thanks Anamitra On 12/13/11 9:46 PM, "Dave Thompson" wrote: >> From: owner-openssl-us...@openssl.org On Behalf Of Anamitra Dutta >>Majumdar >> Sent: Tuesday, 13 December, 2011 14:37 > >> >I a

Parsing pkcs7 bag of certificates

2011-12-13 Thread Anamitra Dutta Majumdar
>I am looking for OpenSSL API to parse pkcs7 bag of certificate file that >has two certificates, a SubCA and the other the leaf cert. Is there an OpenSSL API that would enable us to parse this pkcs7 bag and separate out the certificates? Any pointers will be appreciated. Thanks Anamitra

PKCS7 parse

2011-11-17 Thread Anamitra Dutta Majumdar
There is a requirement to process a pkcs7 bag of certificate chain. Is there an OpenSSL API to parse the certificates in a PKCS7 bag and get each of the certificates in the bag as Base64 encoded string? Any pointers will be greatly appreciated. Thanks Anamitra

RE: known answer test and alogorithm test for Diffie-Hellman?

2010-05-06 Thread Anamitra Dutta Majumdar (anmajumd)
Have not seen a response to this. The FIPS_selftest() API does not perform any self-tests on Diffie-Hellman algorithm. Is it because it is a non-approved security function in the FIPS module? Do we need self tests on DH if DH key exchange is used by SSH in the system running in FIPS mode? Than