How to get pub key from EC_KEY to vertify digest with ECDSA_do_verify function?

Hi, I have a question regarding OpenSSL library. The question is explained here . Thanks

Re: Error building OpenSSL-1.1.1g

It is so easy to build OpenSSL using MinGW/MSYS! Just type: ./Configure mingw64 ... make all [cid:244b0963-a277-473a-95fe-9419d8ef84d0] How much experience do you have building apps from source on Windows? VS didn't work, MinGW didn't work either! We are more than happy t

Re: OpenSSL version 3.0.0-alpha1 published

* Windows 10 x64 * GCC 8.3.0 x86_64 $ openssl version -a OpenSSL 3.0.0-alpha1 "23 Apr 2020" (Library: OpenSSL 3.0.0-alpha1 "23 Apr 2020") built on: Fri Apr 24 18:14:53 2020 UTC platform: mingw64 options: bn(64,64) compiler: /mingw/bin/gcc.exe -m64 -DWINVER=0x0501 -D_WIN32_WINNT=0x0501

Re: Issue generating certificate for a Samba AD - index.txt

We have been creating certificates (Root CA, intermediate, end user, smartcard login, etc) for ages. We have set up our own PKI infrastructure using openssl command line tool. If you email us the details/extensions you need your certificates to have, we can generate some test certs for you. How

Re: Question about handshake error

It seems to work fine here! [cid:e41cb622-8559-442b-9b65-76043c2c4b27] [cid:a3ae8ac2-646c-41c8-9842-4f9bde0aaf71] From: openssl-users on behalf of Matt Caswell Sent: Wednesday, 11 March 2020 4:25 AM To: Niki Dinsey ; openssl-users@openssl.org Subject: R

Re: Problems adding specific extensions to signed certificates

This is the basics of OpenSSL! You would like to add extensions to a CSR or the problem arises when signing it? You create a CSR (without extension file) and then you can check/inspect whether or not it shows the extension(s) you need/want. After that, you can sign the CSR. > Ok. I'm not rea

Re: OpenSSL compilation errors in Windows

. I'll try to compile OpenSSL source code this evening and I'll post my findings here. Regards. Sergio. From: openssl-users on behalf of Dr. Matthias St. Pierre Sent: Tuesday, 1 October 2019 12:28 AM To: Nagalakshmi V J ; Michael Mueller Cc:

Re: Using (not building) openssl with mingw on Windows 10

> "c:/program files/mingw/bin/gcc.exe" -D_MT -DTPM_WINDOWS -I. -shared -o > libibmtss.dll tssfile.o tsscryptoh.o tsscrypto.o tssprintcmd.o tss.o > tssproperties.o tssmarshal.o tssauth.o tssutils.o tsssocket.o tssdev.o > tsstransmit.o tssresponsecode.o tssccattributes.o tssprint.o Unmarshal.o > Com

Re: Using (not building) openssl with mingw on Windows 10

>> I've been happily using the Shining Light 32-bit binaries with both >> openssl 1.0 and 1.1 and mingw. a) Where can we download OpenSSL binaries (x64) for Windows built with MinGW? [ https://slproweb.com/products/Win32OpenSSL.html ] b) D:\Temp-Apps\OpenSSL-Win64\bin>openssl version -a

Re: [openssl-users] File signing/encrypting upgrade from 1.0.2 to 1.1.0

> The code comiles just fine Unfortunately, it does NOT compile fine on my system (and I guess the same occurs on several others!) Can you fix all these various issues and post an updated zip file so I can test it again? Cheers. > A few points/questions:

Re: [openssl-users] File signing/encrypting upgrade from 1.0.2 to 1.1.0

I've just built it (manually) on Windows and I don't see any error messages. A few points/questions: - Why cmake? - I does not build/compile at all. - Why is this line here: #include ? I get a compilation error! 😱 - Why are we adding these libraries: odbc32 advapi32 ? CMake Error at CMa

Re: [openssl-users] 回复： crash in `sha1_block_data_order_avx`

> Dear all, very appreciate your reply! We have double check the implementation > of related > functions, and confirm that the input params for the function > int rsa_public_encrypt(const uint8_t *rsa_input, const int input_len, uint8_t > *enc_out, > uint8_t *public_key, const int key_len) > are

Re: [openssl-users] Protecting RSA keys

airs, but when using them, I'm never prompted for the passphrase. So, I'm able to use any of the keys created, instead of using only my own key. Can you help me with this issue? Thanks in advance Best regards Sergio Magra __

[openssl-users] Protecting RSA keys

;m never prompted for the passphrase. So, I'm able to use any of the keys created. Can you help me with this issue? Thanks in advance Best regards Sergio Magra ___ openssl-users mailing list To unsubscribe: h

Re: [openssl-users] Windows Compile Fails

some time now without issues. We don't use Visual Studio though. The question is: does OpenSSL have to be built using Visual Studio only? If the answer is 'no', we could render some assistance. Just let us know. Cheers. Sergio. __

RE: Implementing msCRLNextPublish extension

> The synatx of the extension is needed too. Do you know of any specs giving > details? I've emailed the user but no response yet! <>

RE: FIPS in 1.0.1 windows 7 64 bit compile / link problems

More than happy to help you Dirk, but we use MinGW here and it works ok. You could check the versions (OpenSSL version and FIPS version). Sergio. > Date: Mon, 2 Jul 2012 18:05:54 +0200 > From: noadsple...@web.de > To: openssl-users@openssl.org > Subject: FIPS in 1.0.1 windows 7 64

RE: Using certificate and private key from Windows cert store with OpenSSL

ss Windows Certificate store. If you're using Windows boxes, I can send you my copy of OpenSSL for you to test. I hope it helps. Sergio. > From: ml.vladimbe...@gmail.com > To: openssl-users@openssl.org > Subject: Re: Using certificate and private key from Windows cert store wit

RE: Using certificate and private key from Windows cert store with OpenSSL

Ciao Andrejs. I don't know much about the source code you posted previously but if you build OpenSSL with the 'enable-capieng' option you'll be able to access every single store and all the certs stored in Windows. I hope it helps. Sergio. > Date: Mon, 31 Oct 2011 09

RE: getting the input not from command line

Ciao. If you use 'prompt = no' in openssl.conf, then it won't ask anything. I'm using it and it works ok! Cheers. Sergio. > Date: Wed, 19 Oct 2011 22:25:57 +0530 > Subject: Re: getting the input not from command line > From: pkr...@gmail.com > To: openssl-use

Blowfish issues with somewhat big files

enssl-0.9.8e-12.el5 on Centos 5.4. Please could you tell me what I am doing wrong? Thanks in advance! -- -- Sergio Belkin http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com Sergio Belkin - __ OpenSSL Pr

OpenSSL 0.9.8k and CAPIENG

Can anybody help me out? Am I missing another patch? Thanks in advance. Sergio. _ Beyond Hotmail — see what else you can do with Windows Live. http://clk.atdmt.com/UKM/go/134665375/direct/01/ openssl-cvs-mingw-capi.patch.gz

Re: TLS SSL and virtual hosts

Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Ing. Sergio Rabellino Università degli Studi di Torino Dipartimento di Informatica ICT Services Director Tel +39-0116706701  Fax +39-011751603 C.so Svizzera , 185 - 10149 - Torino

Re: Fw: Error: unable to get local issuer certificate!!!

Shivakumar Balur escribió: Hi All, Please provide any solution for error: Response Verify Failure 4:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:122:Verify error:*unable to get local issuer certificate* resolve.pem: unknown This Update: Sep

Re: how trust self signed certificate

matteo mattau escribió: Dears, I'm in trouble with self signed certificate, when I try to verify via ocsp a certificate whose issuer is self signed. The error I receive is always openssl ocsp -issuer /usr/local/ssl/cert/issuerPEM.crt -cert ./certificatePEM.cer -url http://ocsp.foo.com -CApath

Re: network connection encrypted/secure using ssl and sockets ?!

Manuel Sahm escribió: Hello, thank you for your reply :-) How could I realize your mentioned option with openssl (functions): public keys (asymmetric keys) without certificates ( In this situation neither A and B need to know about a previous secret.) Thank you so much >>&g

Re: network connection encrypted/secure using ssl and sockets ?!

Manuel Sahm escribió: Hello, thanks for reply,... Maybe you could help me. Is it possible to use a password instead of a Certification file and a Certification Key File to make the tcp connection secure via openssl ? Thank you >>> Sergio <[EMAIL PROTECTED]> 03.09.2008 1

Re: network connection encrypted/secure using ssl and sockets ?!

Manuel Sahm escribió: Hello, I want to make my network connection encrypted/secure using ssh. At the moment I open a socket in my embedded device, so that an client (PC) is able to connect to it: //initialization of the socket handle = socket(AF_INET, SOCK_STREAM, 0); serv_addr.sin_family

Re: about access to a private key using engine-pkcs11

Sergio escribió: Hello, I'm configuring an access control for wireless networks using eap-tls protocol. The clients have got credentials into a smartcard using engine-pkcs11. wpa_supplicant requires cert_id and key_id for certificate and private key respectively, stored into the chip.

about access to a private key using engine-pkcs11

Hello, I'm configuring an access control for wireless networks using eap-tls protocol. The clients have got credentials into a smartcard using engine-pkcs11. wpa_supplicant requires cert_id and key_id for certificate and private key respectively, stored into the chip. Linux clients can be aut

Re: openssl error while retreaving key from smartcard from wpa_supplicant?

Hi, first, until 0.6.4 devel version of wpa_supplicant, it requires a copy of client cert sitting on hard disk. 0.6.4 has cert_id field. at this moment i have got exactly the same error. Using wpa_supplicant under linux client works. With openssl engine, i only need to indicate key_id, cert_id

Re: Certificate problem on Windows XP client...

Venkata LK Mula escribió: Hi, With reference to the above mentioned subject, we have generated root, server and client certificates in .pfx (p12) and .der format in FreeRADIUS using OpenSSL, installed these certificates on the Windows XP client. And when I'm trying to associate the Windows c

Re: openssl 0.8.9h sha256

different algorithm (sha1, sha2, sha256 etc.) ? I need to create certs to test EAP-TLS/TTLS using WiMAX AP. Thanks, and appreciate your help. On 8/12/08, Sergio <[EMAIL PROTECTED]> wrote: Rafiqul Ahsan escribió: I see an error like below when trying to use EAP_TLS/TTLS authenticatio

Re: openssl 0.8.9h sha256

Rafiqul Ahsan escribió: I see an error like below when trying to use EAP_TLS/TTLS authentication with Certs that has Signature Algorithm: sha256WithRSAEncryption . Can anybody tell me why SSL does not like the TLS session ? I would appreciate your help. here is the radiusd -X log: ++[suffix] re

changing private key pass

Hi people, it is posible to change pass phrase of a private key into a PKCS#12 file? Or, in other case, having private key into a separate file in PEM format. Thanks __ OpenSSL Project http://w

Re: problems with certificate chain

. Only a CA can sign end-entity certificates. -Kyle H On Fri, Aug 8, 2008 at 1:40 AM, Sergio <[EMAIL PROTECTED]> wrote: Goetz Babin-Ebell escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sergio wrote: | I think so and you're right. Signing a client cert with a ser

Re: problems with certificate chain

Goetz Babin-Ebell escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sergio wrote: | I think so and you're right. Signing a client cert with a server cert is | inefficient and all my problems would solve itself if radius has ocsp | support. The missing support for OCSP is not

Re: problems with certificate chain

Goetz Babin-Ebell escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sergio wrote: | Hi people, Hello Sergio, | client.pem are signed by | server.pem, and server.pem are signed by ca.pem. It is a bad bad idea to sign a client certificate with a server certificate. Usually server

problems with certificate chain

Hi people, i have a problem with certificate chain. I'm configuring freeradius and wpa_supplicant using eap-tls protocol. client.pem are signed by server.pem, and server.pem are signed by ca.pem. I've tried to install (using ln -s and hash value of cert) ca.pem and server.pem into /etc/ssl/ce

Re: SSL certificate signing request

Dr. Stephen Henson escribió: On Mon, Jul 28, 2008, Phibo wrote: Is it possible for a certificate authority (CA) signing my SSL certificate signing request (csr) to decrypt my own SSL sessions ? Or, in other words, in a csr are there enough infos about my private key to be able to intercept S

Re: OpenSSL support for DHE-PSK

Patel Dippen-CDP054 escribió: Does OpenSSL support DHE PSK? Are there any issues with using DHE pre-shared keys? __ OpenSSL Project http://www.openssl.org User Support Mailing List

ocsp from C program

Hi, I have a X509 *client-cert and I need to make an ocsp request from a C program. I can`t use C functions like system()...etc. I can't find what function do this in openssl doc. Can anybody help me? Thanks __ OpenSSL Projec

Re: trying to get valid SSL cert working with uw-imap server.

uild phase you can tell him ./build SSLCERTS="/path/to/CA root certs directory (hashed!!)" With openssl s_client, you must tell him to point out the same dir with the option -CApath "/path/to/CA root certs directory (hashed!!)" Good luck! -- Ing. Sergio Rabellino Head

Re: PKCS#7

the smime option. You must convert your pkcs#7 back to smime, then take a look at the -nodetach implementation in the smime, maybe you can find the exact way to do the detach conversion. Hope this helps. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University

Re: Having problem compillin in solaris 10.

(36Mb) Bye. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project

Re: For those of you using Solaris 10.

used by a different constant defined in the new 0.9.8 (PEM_something) bye. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39

Re: DES_ede3_cbc_encrypt and padding

to solve the problem, a segmentation fault is done calling des cbc encrypt/decrypt. Note also that i'd no problems at all to compile&test openssl until this last release. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) h

Re: How can i convert p12/pfx to java key store (JKS) format

KeyTool bundled with the JDK, in the documentation you can find everything, but you must unpack first your p12 with openssl pkcs12 command to get key and certs readable by the keytool. Bye. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy

Re: Documentation on Sendmail TLS

on is requested. You must compile it and configure sendmail to use openssl API to achieve TLS channels for your MTA/MSA. If you have any question, send to me in private mail, this is not the right list. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of T

Openssl 0.9.8 make test failed - addendum

version 3.4.2 Thanks to Developers for Openssl Stuffs! -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 _

Openssl 0.9.8 test errors

THIRTY_TWO_BIT mode DES_UNROLL used BN_LLONG mode RC4 uses uchar RC4_CHUNK is unsigned long BF_PTR used e_os2.h => include/openssl/e_os2.h Any hints ? Bye. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser

Re: Any issues with WinXP SP2?

MAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- Dott. Sergio Rabellino Technical Sta

Re: 0.9.7c Vulnerability??

... Obviously a visit must be done with an anonymizer proxy in the middle... :-) ...omissis... -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax.

Re: 0.9.7a & Win32-VC++ 6.0 Compilation problem

Dr. Stephen Henson wrote: On Mon, Feb 24, 2003, Rabellino Sergio wrote: Dear developers, I had a little (maybe) trouble to get compile the latest release of the package: the compiler is telling me about a redefinition of NETSCAPE_ENCRYPTED_PKEY and NETSCAPE_PKEY in the file crypto/asn1

0.9.7a & Win32-VC++ 6.0 Compilation problem

). Commenting out the lines, the compilation job is ok, and so the test suite, but which are the implications of this line removal ?? Thanks a lot. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http

Re: I just want the binaries for W2K

l-win32/openssl-0.9.6h.msi.sig More info about these packages: http://marc.theaimsgroup.com/?l=openssl-dev&m=103210259026139&w=2 Cheers, - Peter Hi peter, which tool are you using to create .msi packages ?? It's a freeware one ? Thanks. -- Dott. Sergio Rabellino Technical Staff De

Re: Remove passprase

he pass phrase, which is why I wanted to change > it. Sorry. > > Let me rephrase my question: > Is it possible to remove or change a PEM pass phrase on keypair.pem > generated with openssl if you don't have the PEM pass phrase? > > Cheers, Robbert Only by brute force, I supp

Re: SSL_write problems

ton university ??? see at http://www.washington.edu/imap Bye. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39

Re: Compiling OpenSSH 3.3 or 3.4 with OpenSSL 0.9.6e under Solari s 9

you more than this generic > advice. > > Best regards, > Lutz On my solaris 2.6, that library is missing at all; which compiler are you using: cc or gcc ? -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of th

Re: build a pkcs10 request using private / public key on asmartcard

otify the sender immediately by return e-mail. > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Auto

Re: Java + SSL

lementation not available". I use also jsse.jar which is needed to > run SSL. > > Can anybody help me :) > > Thanks in advance > > regards Ferruh It seems that jsse is not correctly installed in you VM. Follow the instruction embedded with the jsse for the correct defi

Re: anybody is working with openssl and visual basic?

sly, when you compile the dll, you must be sure that the compiler can reach the include/libs created by openssl This way could not be the best, but runs on most of the funcs deployed by openssl... Last but not least, sorry for my poor english. Bye. -- Dott. Sergio Rabellino Technical Sta

Re: anybody is working with openssl and visual basic?

Yes, i've done an tool for corporate user certification (key and cert management) interfacing visualbasic with openssl. What do you need ? -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society

Re: No certificates in popup dialog box.

but seems to be unused, or better used in combination to the importing in the "trusted root->local computer" store. Obviously this is undocumented in the ms-site. Thanks. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Membe

Re: Client certificate verification

equest client certificate. Anyone has resolved this problem ? Maybe the extensions are wrong in the root or the server certificate ? My CA is published on http://ca.unito.it and a sample server certificate is on https://ca.unito.it thanks -- Dott. Sergio Rabellino Technical Staff Departme

Re: Expired Certificate in CRL

urces similar found in the internet, or if it's entirely of my inspiration...) Use free for everyone who wants... But retain the creator credits... -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://

[Q] HMAC in openssl?

Hello All, Are there any plans to include "macro" commands, such as HMAC and SSL_MAC in openssl? I was thinking that it might be interesting to interface with hardware that supports this kind of commands. Thanks in advance, Sergio Loureiro www.

SSL_connect on Non-Blocking Socket under Windows

ns) Thanks. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 _

Re: CRL format problem

h openssl-engine 0.9.6b. > The mime-type reported by your web server is text/html and this is incorrect, you must return an "application/x-pkcs7-crl" document, so you must convert with openssl your crl to the pkcs7 form DER encoded, then return this blob with the correct mime type.

Re: How I can create a Cert STORE

Antonio Ruiz Martínez wrote: > > Rabellino Sergio wrote: > > > Antonio Ruiz Martínez wrote: > > > > > > Hello! > > > > > > Like I say in the subject > > > > > > How I can create a Cert Store? > > > > &g

Re: How I can create a Cert STORE

Antonio Ruiz Martínez wrote: > > Hello! > > Like I say in the subject > > How I can create a Cert Store? > > Thanks in advance, > Regards, > Antonio. Are you thinking about the Java Keystore (and certs... also)? -- Dott. Sergio Rabellino Technical

installation error of perl module related to SSLeay.so

b/arch/auto/Net/SSLeay/SSLeay.so' ===cut here=   what is this? i'm wrong in something related to the installation of openssl shared libraries? helpme...   from now, thanks   Sergio.-

Re: Problems with Microsoft IIS csr

e problemi, le consiglio di usare solo "Universita" senza la lettera accentata... E' bruttino, ma non c'e' altro modo, anche modificando il codice di openssl in modo da accettare caratteri "NON PRINTABLE", poi incorre in molti problemi con i browser, fino al crash di

Encryption Problem

adding but it display the same error. What is the problem? Is there a limit for the size of the file to encrypt? Regards, Sergio __ OpenSSL Project http://www.openssl.org Development Ma

Re: Certificate form for LDAP userCertificate

) output of the sign process, without the -BEGIN -END lines and compatting all the resulting lines in one line. In other hands it's a BASE64 of the DER form... -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Interne

Re: SMTP server with SSL

rt on a Solaris7/64 box and it's ok ! Then using some ssltunnel application you can also give a imap or pop service over TLS/SSL support to your users. The only trick is about some packages that you must compile to obtain the server compilation... Good Luck ! -- Dott. Sergio Rabellino Technic

Problem linking the examples in WinNT4

ror ocurrs but whith other functions in the same libraries. This happens in all the examples I've tried with and with my own files. Could somebody help me?? Thak you in advance, Sergio Gallego. PD. Please write me back to current address ([

Configuring Apache with SSL

rt connect: Conexion rehusada httpsd: gcacheclient.c:118: OpenServer: La declaracion `I "couldn't connect to socket "' no se cumple. [ Fri Jul 28 12:22:22 2000 ] [notice] child pid 2228 exit signal Aborted (6) I've been trying many things, but I'm not keen on this and

keytool, and jarsigner

RTF file

Sign one apllet

I dont know if it is out of subject but anyway... i have one server certificate sign by my CA with openssl. and know that i want one applet in the same site, have "privilegios" to work in client browser. how can sign this apllet ? or what i have to do to have primissions to work in client brower

Re: libcrypto/BIO: creating PEM in memory

t; > > strncpy (pem,p,n); > > > pem [n] = 0; > > > > > > printf (">>%s<<\n",pem); > > > - I normally use BIO_gets to get chars from a BIO, and it's ok to exchange data from PEM* routines with output only to BIO . Another hints: it&

Help: How PORT from SSLeay080

RTF file

what going on?

I try to sent one message and i dont see it in mailing list __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager

"wrong message type" error ?

sl-unclean-shutdown And even: SetEnvIf User-Agent ".*MSIE.*" nokeepalive As it seems to be a client problem, I tried also with: SSLVerifyClient none But didn't solved. I also converted the chainfile from verisign to DER format. Anyone made a Versigin SGC work with mod_ssl+openssl

"expecting an asn1 sequence" error - SOLVED :)

Thanks to Dr Stephen, the solution was convert the certificate file to PEM format (it was in PCKS#7): First change the "BEGIN CERTIFICATE" and "END CERTIFICATE" lines to "BEGIN PKCS7"/"END PKCS7" and then run "openssl pkcs7 -in server.gid -ou

"expecting an asn1 sequence" error - HELP!

o had this problem solved it ? I hope so :) But how ? Thanks in advance! Sergio Salvi. Sao Paulo/SP/Brazil. __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: Alert

ecutable content. > > Of course, .. those of you with Outlook have a problem before you open the > program !! There is also another simpler solution to this problem... Use Netscape on Solaris ! to read the email :-)) Sorry for this one... Bye. -- Dott. Sergio Rabellino Technical

Re: About CRL

nd the second not ? The timestamping can help you in the secure determination of the signing time, but you need a method to verify the temporal validity of the certificate against a possible revocation by the CA or the user Mickey. The "CRL" growth problem is there, i think Bye. -

Re: About CRL

you re-enable it validity from the beginning to the end of life of the certificate, while the revocation has reduced this period. I think that this is an error (But maybe i'm wrong ?) Good Work to the list! -- Dott. Sergio Rabellino Technical Staff Department of Computer Science U

Re: CRLDistributionPoints

ssl wrote: > > Don't know whether it helps : > comment out the line : > crl_extensions = crl_ext > and the [crl_ext] section. > all ok, I forgot to upgrade my openssl tree.... Thanks... -- Dott. Sergio Rabellino Technical Staff Department of Computer Scienc

Re: CRLDistributionPoints

ted your solution, but during the signing phase I got a "unable to pack the crlDistributionPoints extension" and exit Any Hints? -- Dott. Sergio Rabellino Technical Staff Department of Computer Science Un

OpenSSL Bugs on Alpha (4.0x/cc)

run also on windows 95/Vc5 ! (that's incredible...). If someone has experience on problems with openssl (i've tried 9.1 and 9.2) and alpha machine, i can send my sources... thanks -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy)

Re: SSL with IIS/IE

to be protected against italian people :-)) Thanks for yor reply. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel.

Re: SSL with IIS/IE

Miguel Angel Fraga wrote: > > Hello Sergio, > > > From: Sergio Rabellino <[EMAIL PROTECTED]> > > ... > > Anyone knows how to import a 1024 bit cert into IIS ?(I prefer > > Apache/Unix, but my principal want IIS/NT support also... :-(( ) > > I don

Re: CA certificate with IIS

My root CA is the 15th of the list > > Has anyone an idea of someting wrong with my CA? The only thing > that is unique to it is the use of the Netscape > extension. Does IIS not support it? > As I know Microsoft doesn't support any Netscape extension (not so strange ...) B

Re: Imap/SSL

Sergio Rabellino wrote: > > Hi, > > i've installed sslwrap compiled with SSLeay 0.9.0b (I'll step-up to > openssl asap), and i've a strange behaviour... > With outlook express (microsozz) all things go right, but with > netscape, if i enable SSL with the

Re: SmartCard

Erwann ABALEA wrote: > > On Wed, 24 Feb 1999, Sergio Rabellino wrote: > > > Hi, > > anyone has used the ssleay/openssl certificates with smartcards > > (tokens) > > 1024bits key enabled, inside the browsers like Netscape or IE/Outlook ? > > We work wi

SmartCard

Hi, anyone has used the ssleay/openssl certificates with smartcards (tokens) 1024bits key enabled, inside the browsers like Netscape or IE/Outlook ? Thanks for any reply... -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http