Re: [openssl-users] Re: adding certificate policies extension in CSR

t; User Support Mailing Listopenssl-users@openssl.org > Automated List Manager majord...@openssl.org -- --- Willy Weisz Computational Science Center University of Vienna O

Re: adding certificate policies extension in CSR

mean that the certificate requestor defines the certificate policies? Only the CA may state which certification policies it is following. Regards Willy > > This the line of code I added: > add_ext(exts, NID_certificate_policies, "1.3.6.1"); > > Unfortunately it causes a seg

Re: Bug in [ policy_match ] among OpenSSL versions?

Hi Gabriel, openssl performs as it is described. You probably wanted the behaviour activated by the option "supplied" which requires the DN component to be present, but doesn't tie it to the corresponding entry in the CA DN. Regards Willy Am 19.09.2011 17:02, schrieb Gabriel M

Re: Certificate with multiple CN fields - valid?

with a single CN. Regards Willy Weisz John Nagle wrote: >Normally, when a certificate is to be valid for more than one > domain name, one name is in the "CN" field, and the others are in > the "subjectAltName" extension. > >But look at the cert for &q

Re: Multiple email Support

to check whether the signature fits the sender addresses. In order to encrypt your emails you need the certificates of the recipients - your keys and certificate aren't used for it. Amicalement Willy Am 04.02.2010 22:31, schrieb Abbass Marouni: > > Bonjour, > > >

Re: OpenSSL with SafeNet ProtectServer engine

l command must contain the options: -engine pkcs11 -keyform engine -key slot_yourSlotNumber-label_yourHSMslotLabel I hope this helps - it works for me. Regards Willy Am 02.12.2009 16:27, schrieb Frederik Mennes: > > Hi everyone, > > > > I am trying to use OpenSSL's EVP inte

Re: pkcs12 with frienlyNames seems to be erroneous

sful solution. Regards Willy Dr. Stephen Henson wrote: > On Wed, Sep 02, 2009, Willy Weisz wrote: > >> I'm using openssl version 0.9.8h shipped by openSuSE as 0.9.8h-28.10.1 >> >> The shortest friendlyName I tried to use was 7 letters long - can this >> be too long

Re: pkcs12 with frienlyNames seems to be erroneous

g keystore. Everything works fine when no friendlyName is included in the p12 file. Regards Willy Dr. Stephen Henson schrieb: > On Tue, Sep 01, 2009, Willy Weisz wrote: > > >> Being unable to using a PKCS#12 file created by openSSL with 3 different >> applications - Java

pkcs12 with frienlyNames seems to be erroneous

l.KeyStoreBuilder.build(KeyStoreBuilder.java:98) at org.apache.commons.ssl.KeyStoreBuilder.main(KeyStoreBuilder.java:540) Even so the problem may be attributed to the applications, I suspect that the fact that it happens with 3 applications rather points to an er

ld: Badly formed hex number: -std1

Title: ld: Badly formed hex number: -std1 I'm trying to build OpenSSL (openssl-0.9.6) on Digital Unix 4.0 (OSF1 V4.0 878 alpha) for use with mod_ssl for Apache, but get the following error: --- ... ld: Badly formed hex number: -

Can anybody help this Newbie?

the wrong place (/root) and I should be downloading and installing from somewhere else. I may be wrong about RMP installing openssl completely. But the truth is that I am completely stumped. Can anybody help? Cordially, Willy Chaplin __