Re: Is Sha2 supported for signing certs?

2012-06-13 Thread Joshua Bowman
sha2 > openssl ca -md sha256 > > I am using openssl versioned OpenSSL 1.0.1c 10 May 2012. > > Let me know. > > thanks > Pushkar There are patches sitting on the bugtracker to enable that functionality, but right now the only way to do it

Re: What is the difference between green and yellow address bars in browser for certificate's fields?

2012-06-13 Thread Joshua Bowman
alidation_certificate_identification It's a bit confusing because most (maybe all?) vendors use a different intermediate cert for their EV certs, but that doesn't matter, only the presence or absence of the OID does. Joshua Bowman

Re: symmetric key generation..

2012-06-12 Thread Joshua Bowman
ould generate the symmetric key by hashing the private RSA key, or the concatenation of the public and private keys. I don't think that would make a difference with a sufficiently strong hash, but I can't mathematically prove it is safe, either. But generating it from the public key alo

Re: Trying to use OpenSSL to create CSR and ultimately a P12

2012-06-08 Thread Joshua Bowman
o use for SSL. The process is the same no matter how you create the certs. You can also individually import the key and the signed cert, if you wish. If you rename it to pfx, maybe it'll work easier, that's the standard Windows file extension for pkcs12. Note: A p12 file should look like garbage in a text viewer, they're never base64 encoded. Joshua Bowman

Re: self-generated, self-signed root CA and Client Auth Certs not working

2012-06-05 Thread Joshua Bowman
ur certs. > > Thanks > David On Linux, web browsers use their own cert stores, usually per-user. Firefox uses a file called cert8.db, which you can find in the user's firefox profile folder, and you have to use a tool called certutil to import certs (or the UI). I do

Re: crash on centos 5

2012-06-05 Thread Joshua Bowman
/libnss_files-2.5.so > b7835000-b783a000 rw-p 00:00 0 > b784b000-b784c000 rw-p 00:00 0 > bfd8-bfda1000 rw-p 00:00 0 [stack] > e000-f000 r-xp 00:00 0 [vdso] > Abandon > Try compiling with -DDEBUG -ggdb -O0 to gen

Re: Generate config file from existing certificate?

2012-06-04 Thread Joshua Bowman
On 6/4/2012 10:28 PM, Christian Hohnstaedt wrote: > Hi Joshua, > > On Mon, Jun 04, 2012 at 04:13:24PM -0700, Joshua Bowman wrote: >> As the subject asks, is there any way to generate a config file from an >> existing certificate? Either built into openssl or via third-party

Re: Verify return code: 20 (unable to get local issuer certificate) for www.verisign.com

2012-06-04 Thread Joshua Bowman
CERTIFICATE- Joshua Bowman On 6/4/2012 10:44 PM, Joshua Bowman wrote: > It's not self-signed, it's signed by a cert without the " - G5" at the end. > Serial # > 70:BA:E4:1D:10:D9:29:34:B6:38:CA:7B:03:CC:BA:BF, here's the full cert: > > -BEGIN CERT

Re: Verify return code: 20 (unable to get local issuer certificate) for www.verisign.com

2012-06-04 Thread Joshua Bowman
SPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6 CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s= -----END CERTIFICATE- Joshua Bowman On 6/4/2012 10:23 PM, Vladimir Belov wrote: > Hi Joshua, > Can you say what concrete root CA I must add to my file > trusted_root_certs_of_CAs.pem? What > serial number

Re: Verify return code: 20 (unable to get local issuer certificate) for www.verisign.com

2012-06-04 Thread Joshua Bowman
the root cert so they don't work. Joshua Bowman On 6/4/2012 9:07 PM, Vladimir Belov wrote: > Hi, > > I have a httpS-client and try to load www.verisign.com. I get the error > during certificate > verification: “20 (unable to get local issuer certificate)” > > The same

Generate config file from existing certificate?

2012-06-04 Thread Joshua Bowman
As the subject asks, is there any way to generate a config file from an existing certificate? Either built into openssl or via third-party tool. I'm having a lot of trouble getting the syntax right for some extensions that use LDAP URIs, and I haven't found a good answer (but many questions and mis