AES256 ? Maybe some of the stronger SHA algorithms?
On 04/24/17 13:42, Jeff Archer wrote:
I think this is a silly question but I still would like to get a
knowledgeable and experienced confirmation of my thinking.
My client is a custom application and as such only needs to
communicate wi
I hate compiling stuff on Solaris 10. The gcc version in /usr/sfw/bin is
so old. And it uses the Solaris linker in /usr/ccs/bin if if you use
/usr/sfw/bin/gmake instead of /usr/ccs/bin/make. Sometimes I can
work around issues by renaming /usr/ccs/bin/ld and creating a symlink
ld-> /usr
On 08/14/13 09:08, Mat Arge wrote:
On Wednesday 14. August 2013 04:10:23 you wrote:
Thanks and as for the last question number (5) I meant I simply replace the
SSL cert and assume there
will be a challenge to accept the new certificate by a browser? I revoke the
old one SSL cert.
I still don't
This means you need to create a key pair (private key with no password +
X509 certficate) for apache to use.
Some linux distributions sometimes include a dummy key pair just for
testing.
On Fedora Core 14 these is a /etc/pki/tls/certs/make-dummy-cert command.
On 08/28/12 07:21, Jamshed Al
Sounds like an LD_LIBRARY_PATH issue. In /etc/default/profile you may
wabt to make sure that /usr/local/lib is set before /usr/lib in
LD_LIBRARY_PATH. Solaris should include its own vers of ssh and ssl
which will account for the conflict.
On 08/23/12 19:06, Roberto Ballan wrote:
> Hi,
> I have
Are you using OpenSSL to generate a certificate for a mail server?
On 01/03/2012 01:52 PM, The Doctor wrote:
Finally got Openssl 1.0.1 daily working
However,
Mozilla Thunderbird is choking saying
SSL received a malformed Server Hello handshake message.
(Error code: ssl_error_rx_malformed_ser
I am using Openssl 1.0.0a (on Solaris 10) as a basic CA. I use this to
sign SSL certificates for various internal servers (web, e-mail etc.)
I recently used the "openssl ca" command to renew the CA's machine
own public certificate. The modulus (public key) of the new
certificate is th
Did you try the openssl with cygwin?
Any chance it needs an extra line feed at the end of the file?
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt Thompson
Sent: Thursday, May 26, 2011 6:01 PM
To: openssl-users@openssl.o
There should be openssl and gnu GCC packages available on sunfreeware.com.
They may not be the most recent but they are likely to be more recent then
the ones bundled with Solaris 10 or the Sun Freeware Tools companion cd.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:ow
ge. (sometimes you have to convert certs from PEM to DER or vice
versa.)
Thanks for your help.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Patrick Patterson
Sent: Wednesday, September 22, 2010 6:48 PM
To: openssl-users@op
to tie a given private key to a
Subscriber? - that is what is important, not the contents of the CSR)
Best Regards,
Patrick.
On 2010-09-20, at 2:12 PM, Gaiseric Vandal wrote:
I am mostly using openssl to sign certificates for corporate servers for corporate users
only. So I am t
n-
trustworthy, then this is probably not at all what you want to do, and could
have potentially serious implications not only at a technical level, but at a
liability and organisational level.
Best Regards,
Patrick.
On September 19, 2010 09:20:51 pm Gaiseric Vandal wrote:
FYI, enabling t
Also, look out for blank/extra lines in the file.Microsoft IE may be
OK with them but openssl may not be.
On 09/19/2010 12:13 AM, Mounir IDRASSI wrote:
Hi,
The error says that it didn't find the expected start line for a
certificate which is -BEGIN CERTIFICATE- .
So, check that you
FYI, enabling the following line in openssl.cnf has resolved the problem.
copy_extensions = copy
From: Gaiseric Vandal [mailto:gaiseric.van...@gmail.com]
Sent: Saturday, September 18, 2010 7:09 PM
To: openssl-users@openssl.org
Subject: RE: Confusion about subject alternative names
Does the following work?
openssl x509 -in TestCryptPublic.cert -text
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Panikulam Vivek
Sent: Saturday, September 18, 2010 10:31 PM
To: openssl-users@openssl.org
Subject: Error while trying to get text
Thanks
That seems to have been the issue.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Mounir IDRASSI
Sent: Sunday, September 19, 2010 12:28 AM
To: openssl-users@openssl.org
Subject: Re: cannot create p12 file
Hi,
It ha
I am trying to create a .p12 file with pkcs12.
I created the private key:
#openssl genrsa -out user.key -des3
I also create a certificate signing request (openssl req ..) and a
certificate (openssl ca.)
I want to store the user key (and optionally the user certificate) in a .p
The problem is not so much with IMAP or SMTP. You can easily use IIS to
create separate certificate requests so those services.In the MS
Exchange2007 Management Console (GUI) it is pretty easy to select the
certificate to use for IMAP SSL connection. For some very odd reason you
have to u
So it looks like openssl.cnf could optionally automatically copy the e-mail
address to subjectAltName.
-Thanks
From: Gaiseric Vandal [mailto:gaiseric.van...@gmail.com]
Sent: Saturday, September 18, 2010 5:08 PM
To: openssl-users@openssl.org
Subject: Confus
Hi
I am using various version of openssl-0.9.x (including
openssl-0.9.8k-1.fc11.i686 on my linux machine altho the cusotmized
openssl.cnf file is probably inherited from a slightly earlier version.)
When I create a certificate signing request with openssl, I have an option
to specify an Subject A
I am trying to create a .p12 file with pkcs12.
I created the private key:
#openssl genrsa -out user.key -des3
I also create a certificate signing request (openssl req ..) and a
certificate (openssl ca.)
I want to store the user key (and optionally the user certificate) in a .p
Hi
I am using various version of openssl-0.9.x (including
openssl-0.9.8k-1.fc11.i686 on my linux machine altho the cusotmized
openssl.cnf file is probably inherited from a slightly earlier version.)
When I create a certificate signing request with openssl, I have an
option to specify an Subj
22 matches
Mail list logo
