Re: openssl 1.0 vs 1.1 s_client verify CA cert expiration

2021-09-30 Thread nate
rl2pkcs7 -nocrl -certfile /dev/stdin | openssl pkcs7 -print_certs -noout -text | grep "\(Issuer:\|Subject:\|Not Before:\|Not After :\)" which does the trick for me, used one of my personal servers to test thanks for the help! nate

Re: openssl 1.0 vs 1.1 s_client verify CA cert expiration

2021-09-30 Thread nate
itself would probably be a big change that would be done by staff that aren't at the org anymore. So not expecting that to happen anytime soon. The app openssl is only used for outbound connections, all inbound ssl is handled on external load balancers. thanks nate

Re: openssl 1.0 vs 1.1 s_client verify CA cert expiration

2021-09-30 Thread nate
On 2021-09-30 10:12, nate wrote: That is interesting and explains some things. One more Q for you, this app Oops sorry no more Qs, I was going to write one then I realized that OpenSSL appends the OS certs on top of the custom CA cert file which I wasn't expecting, updated my email f

Re: openssl 1.0 vs 1.1 s_client verify CA cert expiration

2021-09-30 Thread nate
hanks again nate

openssl 1.0 vs 1.1 s_client verify CA cert expiration

2021-09-30 Thread nate
ould allow any certs to be signed with a CA cert that was about to expire (especially given their low cert expiration times) but that's their issue. thanks nate

SSL Handshake - Server/Client Write Keys

2010-05-11 Thread Steffan, Nate
not know how they are stored. Thanks, Nate Steffan

how to test WANT_READ and WANT_WRITE cases?

2009-05-12 Thread Nate Leon
app. e.g.: BIO_pair --- Da <-> WSARecv <-> BIO_write <-> netwk | int <-> SSL* <-> SSL_read Wire WSASend BIO_read BIO | BIO SSL_write Thanks, Nate

Re: Creating certs used for smartcard logon in windows

2009-05-04 Thread Nate B.
-> Content -> Certificates -> Intended Purpose = Smart Card Logon, that my cert is capable of this (actually, it says ""). Under my smart card suite (where I was initially looking) though, it says that Logon is not enabled. Is that at all significant? Thanks in adv

Creating certs used for smartcard logon in windows

2009-05-02 Thread Nate B.
ack? Thank you very much, Nate B.

RE: BIO_flush with BIO_pairs?

2009-05-01 Thread Nate Leon
0:53 PM To: openssl-users@openssl.org Subject: Re: BIO_flush with BIO_pairs? On Thu, Apr 30, 2009 at 04:05:49PM -0700, Nate Leon wrote: > Is there any use for BIO_flush when using BIO_pairs? No, they don't have anywhere to drain (flush) the data to.

BIO_flush with BIO_pairs?

2009-04-30 Thread Nate Leon
Size); BIO_flush(networkBio); Thanks, Nate

Re: last data bytes not delivered when read in several small buffers

2009-03-31 Thread Nate Leon
I like it: * make a read for data length = read buffer length (some kbytes) and then loop on SSL_pending and SSL_read to get the rest of the record, until SSL_pending returns 0. In that case, after the first SSL_read has returned something select is useless. BTW, does anybody

RE: TLS, BIOs, SSL_read/write

2009-03-20 Thread Nate Leon
I did find this comment in ssltest.c : * A BIO pair behaves similar to a non-blocking socketpair * (but both endpoints must be handled by the same thread). i.e. You can NOT have Thread1 write to a BIO_pair and expect Thread2 to read it off the BIO_pair. Is that what you were referring to? Regard

RE: TLS, BIOs, SSL_read/write

2009-03-19 Thread Nate Leon
Again, thanks for all the pointers, these are really helpful getting me going in the right direction. I am still digesting all of your info, but wanted to discuss this point further, as it almost sounds like a show-stopper: > be aware that SSL BIO's (and (SSL*) sessions!) are 'threadsafe' in the s

RE: TLS, BIOs, SSL_read/write

2009-03-18 Thread Nate Leon
All good points. I was not planning to go to production with that code - I was just happy to see something working. :) I was trying to figure out a way to call SSL_set_bio once per session with both read and write buffers, but I am stumped there since this call: m_bioMem = BIO_new_mem_buf(encry

RE: TLS, BIOs, SSL_read/write

2009-03-16 Thread Nate Leon
That was the trick - I was trying to write to a : BIO* bioMem = BIO_new(BIO_f_buffer()); which doesn't really make sense. Indeed, this is working: BIO* bioMem = BIO_new(BIO_s_mem()); SSL_set_bio(m_ssl, NULL, bioMem); SSL_write(m_ssl, responseData, nRespDataSize); My SSL object (m_

TLS, BIOs, SSL_read/write

2009-03-13 Thread Nate Leon
Greetings, I am in the process of converting an SMTP/TLS server to use Async IO. (using IO Completion Ports on Windows) As such, the previously working style of using SSL_accept, select, and SSL_read / SSL_write is no longer sufficient. Now that I am using WSARecv to do the read, my app is notifie

General Encryption Question

2009-02-13 Thread Nate
tance, the first character in the message with certainty does this affect the effectiveness of the encryption? Thanks for your time, Nate

Re: pkcs8 question

2009-01-09 Thread Nate
>6:d=2 hl=2 l= 9 prim: OBJECT:PBES2 >17:d=2 hl=2 l= 51 cons: SEQUENCE >19:d=3 hl=2 l= 27 cons: SEQUENCE >21:d=4 hl=2 l= 9 prim: OBJECT:PBKDF2 Thanks Steve and fellow openssl users! On Wed, Jan 7, 2009 at 2:13 AM, Dr. Stephen Henson wro

pkcs8 question

2009-01-06 Thread Nate
I'm using openssl to create an encrypted key in pkcs8 format. Specifically I'm using triple des. An example of the asn1parse output is below. My goal is to take the "rather long hexadecimal value", which I assume is the encrypted key, and decrypt it using a separate triple des decryption library

RE: caching problem?

2007-12-13 Thread Nate Leon
Since I never got any replies to this, I figured it might be useful to update the group with the solution... Indeed, the problem was with my application. I was just using ::select() to see if there was data waiting for me to SSL_read off the socket, which I came to discover is not reliable.

Problem with Apache and server key passphrase after upgrade

2002-09-22 Thread Nate Richmond
04:08 2002] [error] OpenSSL: error:0D09B00D:lib(13):func(155):reason(13) Can anyone tell me why it will not work with a passphrase now when it did previously? And how can I fix it so it will work with key that has a passphrase instead of just working with a key that has no passphrase? Th