ching it from.
Good Luck
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Franck Martin
[EMAIL PROTECTED]
SOPAC, Fiji
GPG Key fingerpr
As you see openssl.org is used for relaying spam... This does not look good..
Can somebody fix it quickly?
Cheers
Franck
Received: from cobalt.sopac.org.fj (COBALT [10.0.0.150]) by
bigiron.sopac.org.fj with SMTP (Microsoft Exchange Internet Mail Service
Version 5.5.2653.13
You can't use virtual hosts on apache with https.
Each host must have its own IP address, that's what I learnt from the doc... May be it is fixed somehow...
So assign multiple IP addresses to your network card. it is quite easy under Linux...
Please feel free to contribute to the HOWTO
Please check www.tldp.org SSL Certificates HOWTO
Cheers.
On Mon, 2002-12-30 at 15:15, William Michael Grim wrote:
Hi there, I just signed up for openssl-users today because I was going to
ask a question but then think I figured out what I needed to figure out.
Anyway, I created a HO
A USD5 fee on a credit card with the credit card number remembered. You
pass then the buck to the bank to identify the owner of the credit card
and to notify you in case of card forgery...
Cheers.
Franck
> -Original Message-
> From: evilbunny [mailto:evilbunny@;sydneywireless.com]
> Sent:
Title: Message
www.tldp.org SSL-Certificates
HOWTO
feel
free to send an update based on your experience...
-Original Message-From: Mark
Olbert [mailto:[EMAIL PROTECTED]]Sent: Friday, 1 November 2002 4:53
To: [EMAIL PROTECTED]Subject: Windows: Code
Signing Certificate
Can anyo
evilbunny,
Would you mind filling it up the blanks on creating your own CA on the
SSL-Certificates HOWTO on www.tldp.org
I think it will help a lot of people to manage their own subCA as well make
a good advertising for cacert.org
Cheers.
Franck Martin
Network and Database Development Officer
I think there was something called www.medacen.net
Also, check the ISOC PKI working Group www.isoc.org
You can register a free certificate for e-mail on thawte and versisign.
Cheers.
[EMAIL PROTECTED]
On Sun, 2002-10-27 at 20:14, Peter Ziobrzynski wrote:
I searched far and wid
I have read in the doc on X509v3 that you can place a constraint on nearly
anything...
How do you place a constraint on a certificate to allow it to sign only
certificate lower in X400 naming scheme, or containing a special naming
scheme...
Franck Martin
Network and Database Development Officer
guson [mailto:gferg@;hoop.timonium.sgi.com]
Sent: Wednesday, 23 October 2002 11:17
To: [EMAIL PROTECTED]
Subject: updates (SSL-Certificates-HOWTO)
SSL Certificates HOWTO
Franck Martin
v0.5 2002-10-20
* updated
http://tldp.org/HOWTO/SSL-Certificates-
Look for the SSL Certificates HOWTO on www.tldp.org
I still don't know why there is no link to it from the openssl.org web site?
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL P
http://www.siy.fi/isoc-pki/
Please note the above working group on building up a global PKI.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
The solution was to wait a few minutes that outlook XP timeout,
meanwhile your whole machine freezes for several minutes
This is linked to outlook XP handling digital signatures and trying to
verify them online: A Major bug, I would say
Franck Martin
Network and Database Development
www.tldp.org : SSL Certifcates
HOWTO
Franck
MartinNetwork and Database
Development OfficerSOPAC South Pacific
Applied Geoscience CommissionFijiE-mail: [EMAIL PROTECTED]Web site: http://www.sopac.org/Support FMaps: http://fmaps.sourceforge.net/Certificate: https://www.sopac.org/ssl/
This e
agreed mapping and
protocol to use DNS for a global PKI.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support
I see who you are talking about
But I think it is a IETF pb to provide an informational RFC to provide a map between certificate DN and DNS namespace and to provide a mechanism to look at CERT and CRL Then it is an ICANN problem to implement on the root-servers and delegate to ohers...
I was following the thread to know more, but then I'm back to begining.
If you find another solution, please let me know...
Cheers.
On Sun, 2002-06-09 at 10:02, Daniel Sutcliffe wrote:
> However, my certificates have now started to expire and I am
> getting warning dialogs from
e removed from the
system and be placed totally off-line (no hacker will be able to get
access to the private key except by breaking in your premises). The
Sub-Root CA certificates are then used in day to day operations and can
be left on a machine....
Cheers.
Franck Martin
Network and Database Develop
>>
>> Finally, Kabylie is in Algeria and everybody knows that Algeria is
not
>> known for its stability... You should say something about that on
your
>> web site to proove that we can trust your company...
>Personally, I'm quite sure modular division and multiplication
>can be pretty stable any
Read your web site,
Sorry other, if my e-mail is slightly off-topic but I think for a global trusted e-mail system, we need some special certificates and I just want to check if medracen is offering them...
Needs some info, what exactly is a gold certificate?
I think you are missing so
would allow B to sign certificates only
for use in sub-domains, eg: www.sopac.org, [EMAIL PROTECTED],
[EMAIL PROTECTED],... but not www.othersopac.org,
www.mycompany.com
If it does not exist then we are missing something important...
Franck Martin
Network and Database Development Officer
SOPAC South
f the client would make the
check...
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED]
Web site: http://www.sopac.org/
Support FMaps: http://fmaps.sourceforge.net/
Certificate: https://www.sopac.org/ssl/
This e-ma
Found this interesting post on bugtraq
Comments?
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support
certificates...
What the use of having openssl if you can't use it, on a wide range of platforms.
So I think it DOES concern this mailing list.
Cheers.
On Tue, 2002-05-14 at 08:51, Erwann ABALEA wrote:
On Tue, 14 May 2002, Franck Martin wrote:
> I can tell you, now
mail client can read my message. You should be able to save the message
and process it with openssl. I'm not sure here about all the required
commands.
openssl smime -verify -in message.txt
But I think openssl is bugged or not finished on this part...
Franck Martin
Network and Database D
In theory, you should be able to save the message and issue the
following command:
openssl smime -verify -in message.txt
But I had various level of luck with this command... Let me know how
does it work for you... And if anybody can make it work?
Franck Martin
Network and Database Development
I can tell you, now it works...
What about your configurastion?
-Original Message-
From: Franck Martin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 14 May 2002 10:21
To: '[EMAIL PROTECTED]'
Subject: RE: The digital certificate disapear.
I made a modification in my excha
valid or do I have to renew C too?
Cheers.
Franck
On Mon, 2002-05-13 at 08:11, Erwann ABALEA wrote:
On Mon, 13 May 2002, Franck Martin wrote:
> I like to buy a certificate from verisign or thawte that allows me to
> sign other certificates. The test certificate produced ha
ertificate expires, how to renew it without
having to renew other certificates?
Cheers.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<h
using:
>From [EMAIL PROTECTED] Sat May 11 13:17:53 2002
Received: by BIGIRON id <01C1F889.AC81F2D0@BIGIRON>; Sat, 11 May 2002
13:17:53 +1200
Message-ID:
From: Les Allinson <[EMAIL PROTECTED]>
To: Franck Martin <[EM
Version 0.3 of the SSL Certificates HOWTO is available on www.tldp.org
Have a look and send me comments.
Cheers
[EMAIL PROTECTED]
Check www.linuxdoc.org the SSL Certificate howto and please contribute to
it...
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
Check www.linuxdoc.org for the SSL HOWTO...
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support
Read the HOWTO at www.linuxdoc.org
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support
Title: RE: I got 4 or more emails identical
I think this host is listed as an openrelay on www.ordb.org or www.ordz.org This may be the reason...
On Thu, 2001-12-20 at 17:55, Fabro, Loic wrote:
I got a duplicate on my personal message.
I compared the two h
Try www.linuxdoc.org look for the SSL Certificates HOWTO.
On Fri, 2001-12-14 at 11:57, Murali K. Vemuri wrote:
well.
i am a newbie trying to understand
1. what is a certificate?
2. who shall make it?
3. who & how to get it?
4. if i have my own setup, and some previleged use
check www.linuxdoc.org
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support FMaps: http://fmaps.sourceforg
of your text
inside my SSL HOWTO. Proper achnowledgement will be done.
Thanks in advance for your positive answer.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site
For your information
I will now add the comments I have received as well as the
ssl-cert-HOWTO.txt inside it...
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site
I think this is fine. I just wanted to make sure you agree to the gnu documentation licence.
I will hold it for a while until I get results from linuxdoc, then I will submit an update including your text.
Cheers.
On Sun, 2001-12-02 at 13:34, Marcus Redivo wrote:
Hello Franck,
I r
My guess, is a self signed certificate is not a CA certificate. In your
openssl.cnf file you should se an option like CA=true, which is used only to
sign CA certificate.
Cheers.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail
Title: Got a minute? Openssl/Windows 2000 CA interop
Beware
MS is less forgiving than the openssl and the file must contain only one
--CERTIFICATE-- section with no other text...
If
need be edit the files. Check my HOWTO on how to sign certificates request
issued by key manager.
Check
y
Following my previous draft HOWTO I'm about to submit this HOWTO to the
www.linuxdoc.org
Any last comments or additions required?
You can send especially your contributions for the FIXME parts.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geosc
Nobody answered me this one...
I will have to try to revocate a certificate to see if I can add it later
However, most root CA, keep old certificates as valid, because it takes some time to install a new certificate on a machine...
Cheers
On 14 Nov 2001 12:29:30 -0500, POLIVKA-ROHRER, KE
If the private key is given away, the the certificate is useless, and does not protect anything it signs.
As you seem very smart, how do you renew a certificate with openssl when you are a CA?
Cheers.
On 02 Nov 2001 09:33:19 -0800, Michael Sierchio wrote:> > Franck Martin wrote:
>
Certificate trust tree can be established. Can I use a script to inform the user, to download the root CA. Any ideas on the questions?
Cheers
Franck
On 02 Nov 2001 12:27:25 +, Dr S N Henson wrote:> > Franck Martin wrote:
> >
> > I have just written a little HOWTO, to
I have just written
a little HOWTO, to be able to handle certificates. I'm happy to receive comments
and suggestions to improve it.
I found that most of
these informations were missing from the openssl documentation, as there are
very few practical examples.
Cheers.
Franck
MartinNetwork
-CERTIFICATE- Section
I was able then to install this certificate.
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web site: http://www.sopac.org/
<http://www.sopac.org/> S
S.key -outform NET -out ssl.key/IISNET.key
Is supposed to remove the passphrase from the privatekey so that you don't
need to enter the passphrase eachtime you need to use the certificate. I
think it is importnat for Apche only.
Franck Martin
Network and Database Development Officer
SOPAC Sou
Sorry, if this
question has already been answered. I'm just starting with SSL, and writing down
what I'm finding.
I have set myself as
a CA, I generate private key, create a certificate request, sign it with my CA
root certificate. Everything goes nicely in the various part of the /var/ssl
50 matches
Mail list logo
