Hi,
I am developing a server application that have to process SNI coming from
the connecting clients. I found here:
http://weblogs.mozillazine.org/gerv/archives/2007/08/virtual_hosting_ssl_and_sni.html
that there is a backport available for 0.9.8 version that should be
configured with tls-ext
> Yes, this is bug, in any case when key type is not recognized (not
> RSA/DSA/EC)
> error with information of unknown public key will be printed.
> This should be corrected.
> EVP_PKEY_RSA instead of SSL_FILETYPE_ASN1 should be used.
Thnaks, now it works correctly.
--
Sergey
___
Victor Duchovni wrote:
>
> The success of "SSL_CTX_use_certificate" seems to point to it being
> a certificate. Which is it? Did the OP misreport what worked? Which
> was it:
>
Sorry, i misstyped the 2nd function. Once again:
* i have binary private key 610 bytes long
fp = fopen("../keys/pr
I need to load ASN1/DER private key. To do this i use
FILE *fp;
char in_buf[1000];
fp = fopen("../keys/prkey.der", "r");
len = fread(in_buf, sizeof(char), 1000, fp);
fclose(fp);
if (!len)
return 0;
if (!SSL_CTX_use_PrivateKey_ASN1(SSL_FILETYPE_ASN1, ctx, (unsigned
char*)in_buf, len))
ERR_prin
I need it for a set of functions that would convert PEM certificates to DER
and vise versa. I found openssl command line tool:
x509 –in input.crt –inform PEM –out output.crt –outform DER
and traced it's code:
It is done by creating X509 object from a file and then converting it to the
requred fo
I need to create X509 structure from a pointer to the memory area where it is
stored
I have found
X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
but certificate there should be in DER format.
Does anybody know a way to create if from PEM certificate? All i found is
PEM_read_X509 a
Hi,
My server application now reads server and root certificates from
files, like that:
SSL_CTX_use_certificate_chain_file(ctx, ser_cert);
SSL_CTX_use_PrivateKey_file(ctx, ser_key, SSL_FILETYPE_PEM);
SSL_CTX_load_verify_locations(ctx, rootcert, NULL);
But for security reasons it been decided that
Hi,
My server application now reads server and root certificates from
files, like that:
SSL_CTX_use_certificate_chain_file(ctx, ser_cert);
SSL_CTX_use_PrivateKey_file(ctx, ser_key, SSL_FILETYPE_PEM);
SSL_CTX_load_verify_locations(ctx, rootcert, NULL);
But for security reasons it been decided tha
I am developing client/server app and client should be mobile, thus
connection can be easily lost. The problem is that i can't find a way
to detect this lose of connection with openssl.
For example, i send a request to the server from client and
immediately remove the cable from "client" laptop. C
