Thank you, I got it worked out. I just had to concatenate the ca pem file to
the client pem file and using that as the -in argument when export the pkcs12,
then I had the full chain in one file.
Thank you to both you and yyy for your help.
Travis
From: owner-openssl-us...@openssl.org
Perhaps I am asking the wrong question. Files types aside, can one create a
single file that can be used to install a full chain of trust on a windows
machine?
Travis
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Travis Dimmig
Sent: Friday
Can a .der file be combined with a .p12 file to install the full chain of trust
with one file?
Travis Dimmig
Software Development Specialist
Impulse Point
www.impulse.com<http://www.impulse.com>
pose, so I assume I just don't know how to specify that when
creating the CA.
Also: Can someone respond with just a "Hi Travis" so I can verify that my
messages are making it to the list?
Thanks,
Travis Dimmig
Software Development Specialist
Impulse Point
www.impulse.com<http://www.impulse.com>
I'm sure I could, it just irked me that openssl s_client didn't seem to work
the way it is supposed to. I can work around the problem, but I'd like to know
if it is a problem with the utility or if I was using it incorrectly.
-Travis
> -Original Message-
> F
Trying to use the "openssl s_client" utility to test an https page. I
am able to connect, and to perform a GET and see pages, but I can't make
a POST work. I try to do something like:
POST /path/to/page HTTP/1.1
HOST: internal.host.ip.address
Content-Type: plain/text
Content-Length: 6
foobar
your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email j...@subspacefield.org to get blacklisted.
pgpS5s8DPhrKJ.pgp
Description: PGP signature
deployment so please let
me know what You think!
Thank You very much,
Travis
--
Crypto ergo sum. http://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted
Has anyone seen this error:
error:140D5042:SSL routines:SSL3_CTRL:called a function you should not call
I am trying to troubleshoot and could use some help urgently.
Thank you in advance for your help.
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or
oes anyone here know that it does work?
Because all my work has suggested that it does not.
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get b
recommendation?
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.
__
OpenSSL Project
I've been wrestling with the openssl.cnf and don't understand it.
I need to make some certs for some OpenBSD IPSec hosts (isakmpd)
and they require this field to have something in it.
Where should I start reading?
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth doe
ll that simply scanning for and banning such
keys is good enough.
I was hoping someone would release a tool to search for them in the
authorized_keys files on any OS (e.g. my OpenBSD box), but AFAIK,
nobody has.
I certainly don't want a kluge to the RNG.
--
Crypto ergo sum. https://www.subspac
t too
many, it's still O(brute force).
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.
__
Open
ll that simply scanning for and banning such
keys is good enough.
I was hoping someone would release a tool to search for them in the
authorized_keys files on any OS (e.g. my OpenBSD box), but AFAIK,
nobody has.
I certainly don't want a kluge to the RNG...
--
Crypto ergo sum. https://www.subspac
ho are interested in a discussion of proper RNG behavior,
see the section in my online book, here:
http://www.subspacefield.org/security/security_concepts.html#tth_sEc21
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If
his is supported?
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.
__
OpenSSL Project
that PKCS7_dataDecode(p7, NULL, NULL, NULL) is returning
null, but our library code is not throwing an exception.
Does anyone have any experience with OpenSSL being unable to parse
PKCS#7 objects created by BouncyCastle?
--
Crypto ergo sum. https://www.subspacefield.org/~travis/
Truth does not fear scruti
I have to become so quite quickly. :-)
Thanks,
Travis
--
https://www.subspacefield.org/~travis/
I need a better strategy for being less analytical.
For a good time on my email blacklist, email [EMAIL PROTECTED]
pgphxKgNrZSIu.pgp
Description: PGP signature
? It has
been very time-consuming, and the parsing issues are a real PITA.
Right now we've got BC to read signed v1.5 objects but it barfs on
encrypted objects with a padding error.
--
https://www.subspacefield.org/~travis/
I need a better strategy for being less analytical.
For a good time o
this... I don't
really understand why, but you no longer can pass a non-const to a
function that needs const.
--
https://www.subspacefield.org/~travis/>
The stream is deaf, yet sings its melody for all to hear.
For a good time on my email blacklist, email [EMAIL PROTECTED]
pgpdyip4dvxsA.pgp
Description: PGP signature
SL fixed it in the distribution so that I didn't have to work
around it...
--
https://www.subspacefield.org/~travis/>
The stream is deaf, yet sings its melody for all to hear.
For a good time on my email blacklist, email [EMAIL PROTECTED]
pgpKnhgV9LiVJ.pgp
Description: PGP signature
nge void to char, or
vice-versa?
--
https://www.subspacefield.org/~travis/>
The stream is deaf, yet sings its melody for all to hear.
For a good time on my email blacklist, email [EMAIL PROTECTED]
pgpot55o1DATQ.pgp
Description: PGP signature
clude a file which no longer exists in 0.9.8g, since
the older OpenSSL revs will be on the include path.
Does anyone have any insight into this?
--
https://www.subspacefield.org/~travis/>
The stream is deaf, yet sings its melody for all to hear.
For a good time on my email blacklist, email [EMAIL
and then do i make a cert from the decrypted key (seems to cause errors) or
use the current cert and the decrypted key?
~Travis
>From: Ryan Hurst <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Su
I got a CA cert now and made a working server certificate. the problem is,
it asks for a password everytime the server starts. how can i fix this?
~Travis
_
Get your FREE download of MSN Explorer at http://explorer.msn.com
self, don't be dumb and re-install
mod-ssl OVER an existing copy. it reaks havic with apache).
~Travis
_
Get your FREE download of MSN Explorer at http://explorer.msn.co
I am trying to build the openssl-0_9_6a-beta3. I have a VAX running vms 6.2
and Compaq C V6.2-003. I get the following error when compiling and cannot
find the libfisdef.h in any directories. Can someone point me to this file?:
$ CC/OBJECT=SYS$DISK:[-.VAX.OBJ.CRYPTO]DSO_VMS.OBJ SYS$DISK:[.DSO]ds
You need to have a source for the -rand flag.
My solution was to use egd and create a file of sufficent length full of
random data.
then the command line was:
openssl genrsa -rand -des3 1024 > server.key
or
openssl genrsa -rand -des3 -out server.key 1024
Hope that helps.
Travis The
Thanks.
I've been beating myself over the head with this for 2 days :)
-Travis
>
>
> I have just worked out on this problem without /dev/rand and egd on
> my system. Here are the steps you need:
>
> - Create a file with large size of random data, e.g:
> cat /
r not seeded' error.
Any help would be greatly appreciated.
-Travis Theune
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PRO
ut the
list itself) send email to <[EMAIL PROTECTED]> .
This is the general rule for most mailing lists when you need
to contact a human.
--
Travis
Rusty Wright <[EMAIL PROTECTED]> on 06/08/2000 12:58:40 PM
Please respond t
32 matches
Mail list logo
