Simply, you can verify your certificate by:
$ openssl verify -CAfile /path/to/root_cert your_cert
If you want to implement your verification codes, you can get the detail form
openssl.c.
On Wed, Sep 24, 2008 at 7:17 PM, Ajeet kumar.S
<[EMAIL PROTECTED]> wrote:
> Dear All,
>
> I wa
why and how?
On Thu, Sep 25, 2008 at 2:35 AM, F. <[EMAIL PROTECTED]> wrote:
> Hello,
> Program that want use Engine should enable it.
> It's posible enable engine for all program without the program request
> without patch?
>
> Any plan to use linux kernel engine support in openssl software?
>
>
Hi,
Have any ideas to set customized information in OID field of certificate?
I have searched around the OpenSSL interfaces and googled the hints
to do this job, but nothing is presented to me.
How can I accomplish this functionality? Any suggestion or example codes?
Thanks in advance,
Ian
___
> Besides certificate verification and session reconnect I don't
> know any details what you have to retest.
>
You imply that the mechanism of X509-based certificate verification
has been embedded in openssh mainstream, right?
Thank you very much.
I have accomplished this target successfully.
On 1/14/08, Victor Duchovni <[EMAIL PROTECTED]> wrote:
> On Mon, Jan 14, 2008 at 04:45:11PM +0800, Ian jonhson wrote:
>
> > I received a certificate from remote client and need to deal with it.
> > The
Hi,
I received a certificate from remote client and need to deal with it.
The certificate is stored in buffer, which is created by local server.
However, I don't know how to make the stuff in buffer become
X509-style certificate.
Could any one give me some advices?
Thanks in advance,
Ian
__
Hi,
"Network security with OpenSSL":
http://www.oreilly.com/catalog/openssl/index.html
is recommended by some friends in mail-list
On 8/7/07, acrisio domiciano dias <[EMAIL PROTECTED]> wrote:
> Hi everybody,
>
> I'm looking for some good books about the OpenSSL libraryCould anyone
> recomm
>
> Is X509_get_notAfter() what you're looking for?
>
> In practice you cannot change the expiry date of an existing certificate
> because the certificate is signed by a CA at the time of issuing (when
> the date is decided).
>
Yes, I see. But I can revoke the certificate and reissue a new
certifi
Thank you for your answering.
>
> I think you've misunderstood what SSL_CTX_get_timeout() does. This
> timeout is the SSL session timeout which lets you decide how long an SSL
> session can stay in cache before it becomes non-resumable. The openssl
> manual pages have sufficient info.
>
According
Hi,
I wrote a function to fetch the lifetime (expire time) of a
certificate. But it seems not to work right.
The codes are as follows:
codes to fetch lifetime -
...
meth = SSLv3_method();
/* Create a SSL_CTX structure */
ctx = SSL
r, no matter how I try to run the code, it alway
threw out a segmentation fault. The segfault error occurred in the
line:
val = meth->i2v(meth, ext_str, NULL);
I have no idea what is wrong with it.
Could anybody give me some advice?
Thank in advance.
Best Regards,
Ian
On 7/13/07, Ian jonhso
No. Once the certificate has been signed it's done. If you want
to change anything you have to resign (recreate) it.
OK, then how to fetch the custom information? Is it same as the sketch
but using X509_get_ext()?
__
OpenSSL
> If I want to do this job by standard openssl API, how to accomplish this/
A rough sketch would be:
// set up context
X509V3_set_ctx(...)
X509_EXTENSION *ext;
// read ext information
ext = X509V3_EXT_conf(...)
// add extension
if (!X509_add_ext(cert, ext, ...) {
error output
}
You need to
Yes, you can add custom extension info through configuring
openssl.cnf and with right openssl command.
You mean that I should write down my custom information in
openssl.cnf, and then load the custom information to extension of
proxy by openssl command, isn't it?
If I want to do this job by s
Hi all,
Did anyone try to set some custom information in certificate? For
example, if I want to set a simple string, "This is my proxy", in
certificate, what shall I do? Can it be implemented
by standard openssl command?
I tried to set the custom information in extension section, however it
did
Sorry, I make a mistake.
The letter is not for your ~
Very sorry~
On 6/19/07, Christopher Kunz <[EMAIL PROTECTED]> wrote:
Ian jonhson schrieb:
> Oh... Are there any example codes for doing this job with openssl API?
Did you actually read my former mail? You replied to it with
&
Oh... Are there any example codes for doing this job with openssl API?
On 6/19/07, Christopher Kunz <[EMAIL PROTECTED]> wrote:
Ian jonhson schrieb:
>
> Did you successfully create second delegated proxy? How to create?
> Are there something wrong with my commands?
I never u
verified the delegated-proxy, I got a error message:
Invalid CA certificate
Did you successfully create second delegated proxy? How to create?
Are there something wrong with my commands?
Thanks
Best Regards,
Ian
On 6/15/07, Christopher Kunz <[EMAIL PROTECTED]> wrote:
Ian jonhson schrie
Thank you very much.
The book is very necessary for me.
Thanks again,
Ian
On 6/15/07, Christopher Kunz <[EMAIL PROTECTED]> wrote:
Ian jonhson schrieb:
> Hi,
>
> As we know, a user owned certificate can delegate his proxy to finish
> hit grid task. If the applications with u
Hi,
As we know, a user owned certificate can delegate his proxy to finish
hit grid task. If the applications with user's proxy run in a node
need to access remote data node, it have to create next level proxy by
its current proxy.
How to create next proxy? If you implement the codes only by Open
HI,
I need to prepare for some codes to verify globus proxy certificate in
my teaching,
but I meet some problems when I try to write the c codes with OpenSSL.
The codes I implemented to verify globus proxy certificate is listed
as follows,
but it does not work well.
HI,
I need to prepare for some codes to verify globus proxy certificate in
my teaching,
but I meet some problems when I try to write the c codes with OpenSSL.
The codes I implemented to verify globus proxy certificate is listed
as follows,
but it does not work well.
22 matches
Mail list logo
