, Prathima Dandapani -X (pdandapa - HCL at Cisco) wrote:
> Hello users,
>
> CVE-2009-0789 seems to be applicable to openssl 0.9.7l based on the
> affected versions mentioned. We are using Apache 1.3.34 + openssl
> 0.9.7l.The solution given is to upgrade to 0.9.8k,but Apache 1.3x
done as part of
this vulnerability to openssl 0.9.7l source code, but not able to see code
changes anywhere.
Any place where we can see the code changes for this vulnerability?
Please suggest.
Thanks and Regards,
Prathima
e with the following options:
Version : v3
Signature algorithm : SHA-256
and RSA 1024 bit private key is being used.
Regards,
Prathima
--
View this message in context:
http://www.nabble.com/TLS-handshake-is-not-intiated-when-the-SSL-ctx-object-has-client-certificate-and-private-key-
Hi Patrick,
Firstly I would like to thankyou for the help in this issue.
Now by generating Intermediate CA certificates with Version V3, Mutual TLS
is successful with Apache Server.
Prathima
Patrick Patterson-3 wrote:
>
> Hi Prathima:
>
> Ok - a few things that I've noticed
Client certificate chain along with the Intermediate CA certificates is
attached. This chain certificate is converted to x509 standard ,PEM format
and then sent to server.
Patrick Patterson-3 wrote:
>
> Hello Prathima:
>
> On March 24, 2009 10:40:47 am prathima wrote:
>>
Client certificate chain along with the Intermediate CA certificates is
attached. This chain certificate is converted to x509 standard ,PEM format
and then sent to server.
Patrick Patterson-3 wrote:
>
> Hello Prathima:
>
> On March 24, 2009 10:40:47 am prathima wrote:
>>
ertificate chain are correct.
3. What are AKI/SKI fields of chain?
I am attaching ca chain certificate that I am using.
Patrick Patterson-3 wrote:
>
> Hello Prathima:
>
> On March 24, 2009 10:40:47 am prathima wrote:
>> Hi Kyle,
>>
>> CA certificate chain is parsed pro
For more information, please see RFC 3280 (for help decoding the
>> certificates and their semantics); openssl x509 -noout -text will be
>> your friend here (though you will need to split up cachain.crt into
>> its individual certificates to be able to print their properties.
>
ot;encipherment" and "key
negotiation"
Prathima
wolfoftheair wrote:
>
> This is not an Apache support mailing list, and so these suggestions
> are necessarily general in nature.
>
> Check to make sure that the PEM-encoded certificates in cachain.crt
> are pr
I am using Apache server for HTTPS connection with client.
I had generated client certificate signed by an intermediate CA(CA1), which
is further signed by an intermediate CA(CA2). CA2 is signed by a ROOTCA.
I loaded chain of certificates on client excluding ROOTCA(i.e.,
clientcert+CA1+CA2).
Conf
I am using Apache server for HTTPS connection with client.
I had generated client certificate signed by an intermediate CA(CA1), which
is further signed by an intermediate CA(CA2). CA2 is signed by a ROOTCA.
I loaded chain of certificates on client excluding ROOTCA(i.e.,
clientcert+CA1+CA2).
Conf
which we can get the
certificate/Key type(PEM/DER)?
Or else Is it mandatory to pass either of the two
macros(SSL_FILETYPE_PEM/SSL_FILETYPE_ASN1) as arguments?
Is there still any bug regarding DER format in OpenSSL?
Regards,
Prathima.
--
View this message in context:
http://www.nabble.com
the connection
with the client? From the logs it shows SSL_ERROR_SYSCALL , can somebody let
me know
the possible reasons for this error? Are there any config issues on the
server side to be taken care in this respect?
Regards,
Prathima
Polycom IDC
--
View this message in context:
http
(apache)?
How do you get apache to use the new mod_ssl then?
Thank you very much.
Prathima Dandapani -X (pdandapa - HCL at Cisco) wrote:
>
> Yes, you need to recompile mod_ssl of Apache when openssl is upgraded.
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailt
Yes, you need to recompile mod_ssl of Apache when openssl is upgraded.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of csross
Sent: Wednesday, October 22, 2008 3:02 AM
To: openssl-users@openssl.org
Subject: upgrade openssl, do I need to recompile apache
Hello All,
Can anyone tell me how to create statically linked openssl?
I have used no-shared option to Configure script,but invain.
Please share your suggestions.
Thanks,
Prathima.
piler aborts. Correct this portion of the code, or remove /WX from
> compiler option.
>
> Thanks,
> Ambarish.
>
>
> NMAKE : fatal error U1077: 'cl' : return code '0x2'
> Stop.
>
> Any thoughts?
> Thanks in advance,
> Prathima.
>
>
NMAKE : fatal error U1077: 'cl' : return code '0x2'
Stop.
Any thoughts?
Thanks in advance,
Prathima.
Hello,
Anyone tried executing openssl on WIN2k8 server?
Is it officially supported?
Thanks in advance,
Prathima.
Hi,
Any idea on the next release of openssl version in 0.9.7 series?
Thanks,
Prathima.
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Prathima Dandapani -X
(pdandapa - HCL at Cisco)
Sent: Saturday, October 06, 2007 11:42 AM
To: openssl-users@openssl.org
Any idea on the next release of openssl version
Thanks,
Prathima.
21 matches
Mail list logo
