Hi All,
I am trying to crack open a certificate and print out the start and
expire dates to a debug log message.
I found these two nifty functions X509_get_notBefore() and
X509_get_notAfter() which return a pointer to a ASN1_TIME struct.
I'm not sure where to go from here. I would like to be ab
Thanks gents!
On Wed, Jun 2, 2010 at 6:45 AM, Dr. Stephen Henson wrote:
> On Tue, Jun 01, 2010, Dallas Clement wrote:
>
>> Hi,
>>
>> Would someone kindly tutor me on how to print out a certificate
>> programmatically? I know how to extract the common name, but was
Hi,
Would someone kindly tutor me on how to print out a certificate
programmatically? I know how to extract the common name, but was just
wondering if there is an API function to just print the whole thing in
human readable form?
X509 *pX509Peer = SSL_get_peer_certificate( pSsl );
if ( pX5
Hi All,
Could someone help me understand why there is a function
SSL_CTX_set_client_CA_list() for telling the client which CAs the
server will recognize but no function for telling the server which CAs
the client will recognize? In other words, could you please explain
the asymmetry? It doesn't
Thanks Mark, that was an extremely helpful explanation. When I asked
this question I was hoping to learn if CA certs are self-signed or if
there is some other procedure to authenticate a CA cert as being
legitimate. From your explanation it sounds like all CA certs are
generated by the CA itself
> On Fri, May 28, 2010 at 4:19 PM, Dallas Clement
> wrote:
>> Perfect. Thanks very much!
>>
>> On Fri, May 28, 2010 at 3:14 PM, Dave Thompson wrote:
>>>> From: owner-openssl-us...@openssl.org On Behalf Of Dallas Clement
>>>> Sent: Wednesday, 26 M
submission
> e) Every 12 months, repeat audit.
> f) Ask yourself, do you really need it and get maybe some CA to cross sign
> you.
>
> --
> Konrads Smelkovs
> Applied IT sorcery.
>
>
> On Sat, May 29, 2010 at 5:08 AM, Patrick Patterson
> wrote:
>>
>> O
This is probably a dumb question, but if I wanted to be come the next
Verisign of this world, how do I create a legitimate CA cert? I'd
like to be able to create my own that passes verification without
throwing errors, like "unknown CA".
Thanks,
Dallas
___
Perfect. Thanks very much!
On Fri, May 28, 2010 at 3:14 PM, Dave Thompson wrote:
>> From: owner-openssl-us...@openssl.org On Behalf Of Dallas Clement
>> Sent: Wednesday, 26 May, 2010 22:03
>
>> Is there a function that translates certificate verify return codes?
>
&
I've figured this out. Just needed to disable cert verification in
addition to using aNULL cipher.
SSL_CTX_set_verify( mpSslContext, SSL_VERIFY_NONE, NULL );
Sorry for the spam.
On Wed, May 26, 2010 at 7:20 PM, Dallas Clement
wrote:
> One small piece of additional info: I'm tr
Hello All,
Is there a function that translates certificate verify return codes?
#define X509_V_OK 0
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT2
#define X509_V_ERR_UNABLE_TO_GET_CRL3
...
Just wonderi
One small piece of additional info: I'm trying to avoid the use of
any certificates. Is that even possible with OpenSSL?
On Wed, May 26, 2010 at 6:34 AM, Dallas Clement
wrote:
> Hi Patrick,
>
> I had first tried doing it at run-time, and it didn't seem to work.
>
> S
ailure
Can you see anything I might be doing wrong?
Thanks,
Dallas
On Wed, May 26, 2010 at 2:45 AM, Eisenacher, Patrick
wrote:
> Hi Dallas,
>
>> -Original Message-
>> From: Dallas Clement
>>
>> Just wondering what the best way to turn off authentication is.
Hello,
Just wondering what the best way to turn off authentication is. I'm
wanting to do so for testing purposes. Would someone please advise?
Thanks,
Dallas
__
OpenSSL Project http://www.openss
cleaner way, but
it works.
- Original Message Follows -----
From: "Dallas Clement" <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Subject: Re: Trouble cross-compiling for linux-ppc
Date: Tue, 10 Jun 2008 10:39:38 -0500
> I was able to get the Configure script to work
defined if you specify your own compiler. Does anyone
have any ideas how to get around this?
- Original Message Follows -
From: "Dallas Clement" <[EMAIL PROTECTED]>
To: openssl-users@openssl.org
Subject: Trouble cross-compiling for linux-ppc
Date: Mon, 09 Jun 2008 21:11:46
Hi All,
I'm having a bit of a problem getting the openssl-0.9.8h
Configure script to use my cross-compiler. These are the
arguments I'm giving Configure:
./Configure no-krb5 zlib-dynamic shared threads linux-ppc
I can see from examining the Configure script that the
compiler is defined as "gcc"
17 matches
Mail list logo
