Re: OpenSSL, Apache 2 and RSA key sizes

2006-08-23 Thread Charlie Lenahan
George Adams wrote: 1) Why isn't everyone using stronger public/private key pairs? Nobody who seems to offer SSL certs (Verisign, Thawte, GoDaddy, Comodo) tells their customers to generate 2048-bit keys with OpenSSL. Obviously they're not worried - why not? It's really up to you to determi

Re: APIs for generating a CSR

2006-08-21 Thread Charlie Lenahan
Look at X509_REQ_* functions. Subash Kalbarga wrote: Hi all I am trying to fit a CSR generating capability into a small footprint embedded system. Note that I already have the openssl library in there Openssl is about 300K in size which I want to avoid copying over if I can just for generatin

cert chain building post tls handshake

2006-07-25 Thread Charlie Lenahan
for my post validation. Or am I misreading the code? -- Charlie Lenahan

Is it proper for OCSP calls to be in SSL_CTX_set_verify callback?

2006-06-19 Thread Charlie Lenahan
I am looking at adding OCSP to a TLS handshake, and trying to figure out the intended use of the callback function in SSL_CTX_set_verify(). From what I gather for each certificate in a chain it will call the verify_callback func(). In that function that I provide, I can make my OCSP or SCVP call

Does OpenSSL's path validation logic support Bridge PKIs?

2006-06-06 Thread Charlie Lenahan
Does OpenSSL's path validation logic support Bridge PKIs?

Re: delayed setting of IV w/ EVP interface

2001-12-12 Thread Charlie Lenahan
>> The man pages says for EncryptInit "It is possible to set all parameters to NULL except type in an initial call and supply the remaining parameters in subsequent calls, all of which have type set to NULL. This is done when the default cipher parameters are not appropriate."
>>
>> Does