Hi Guys,
Heres one for you. When you create the root certificate
with openssl it is given a serial number of 0. Every other
root signed certificate (peer certs) is given a serial
number of 0X where X is the next certificate number e.g.
01.
The certificates signed by root can be revoked and
Is it possible to revoke a root certificate? I am having
problems with this as my database (index.txt complains
about the serial number being invalid.
Cheers
Evan
Get your own zoom email - click here - http://www.zoom.co.uk/
This is the Postfix program at host
speedy.server.zoom.co.uk.
I'm sorry to have to inform you that the message returned
below could not be delivered to one or more destinations.
For further assistance, please contact
<[EMAIL PROTECTED]>
If you do so, please include this problem report. You can
Hi,
I need to load a certificate from disk so I can check to
see if it validity before time is in the future. I've been
trying to use PEM_read_X509 but it crashes. Anyone got any
examples that show how to successfully load a certificate
from disk and view its contents. I can't find anything
Hi,
These are the steps I am using to create a CA and then
sign a certificate.
openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out
cacert.pem -config openssl.cnf
then i follow the prompts.
after cacert.pem is created a copy the private key into
democa/private and cacert.pem into democa
Hello again,
Heres what im doing to revoke a cert and create a CRL:-
Openssl ca -revoke server.pem -config ca.cfg : to revoke
the certificate
Openssl ca -gencrl -config ca.cfg -out ca/crl/crl.pem -
crldays 1 : to create the CRL
Now This is the output I get when I run the command ,
openssl cr
How do I view the contents of a CRL? I need to be able to
see what certificates have been revoked.
Evan
Get your own zoom email - click here - http://www.zoom.co.uk/
__
OpenSSL Project http://www
Hi,
I'm was wondering if anyone could help with this. I want
to keep a store of CA certificates in one directory and I
was under the impression that the CAPATH variable allows
for this. However the certificates in the directory are
never loaded.
Theres a mention of using a hash tool but im
Hi,
These are the steps I am using to create a CA and then
sign a certificate.
openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out
cacert.pem -config openssl.cnf
then i follow the prompts.
after cacert.pem is created a copy the private key into
democa/private and cacert.pem into democa
Hi again,
I have finally managed to get the trusted certificate to
load into the application but now I am getting errors about
the certificate chain being to long.
The server only sends its certificate and the client loads
the Root CA cert to verify the server certificate.
As I stated before
Hi,
I am having trouble with verifying the server certificate
that is sent during the SSL handshake.
I looke through verify.c to get an Idea but the lack of
comments and docs on the X509_* stuff aint helping.
So far I have loaded the root CA certificate using
X509_LOOKUP_load_file.
then I t
11 matches
Mail list logo
