Hi,
I am working with a PIV card and integrating it into openssl using the
opensc engine.
For example I can encrypt some data with:
OPENSSL_CONF=piv.conf ./openssl smime -encrypt -outform smime -out
/tmp/test.encrypt /tmp/encrypt.pem
and then decrypt it with:
OPENSSL_CONF=piv.conf ./openssl smim
Hi,
I wrote an app that prints out the fingerprint of a certificate.
I used SSL_get_peer_certificate(ssl) to get the cert. This works fine with
openssl 0.9.8b but not with c (I always get NULL for the cert). Any ideas
why?
I used SSL_set_verify on the SSL object before making a sslconnect/acceppt.
"Mark H. Wood" wrote:
> You don't have to, but you may decide that it's much better than the
> alternatives. You could create your own certificate, but you need to
> answer two questions first:
>
> o How will my users acquire copies of my certificate?
Huh? The certificate is presented a
I have no expirence with SSL.. I am using RH Linux 6.2 kern 2.2.14-5.0. How
do get/generate a cert? Do I have to buy a commerical cert?
Brock
__
OpenSSL Project http://www.openssl.org
User Suppo
openssl command line utility will do it.
This page should get you started. Go to the examples section.
http://www.openssl.org/docs/apps/req.html#
Brock Noland wrote:
I have no expirence with SSL.. I am using RH Linux
6.2 kern 2.2.14-5.0. How
do get/generate a cert? Do I have to buy a commerical c
]]
Sent: Friday, December 08, 2000 1:52 PM
To: [EMAIL PROTECTED]
Subject: Getting a Cert
I have no expirence with SSL.. I am using RH Linux 6.2 kern 2.2.14-5.0. How
do get/generate a cert? Do I have to buy a commerical cert?
Brock
Hello.
The following works for me. I won't give you the full forms since they are
in Estonian and utterly unreadable, but the idea should be clear.
First, try everything with MSIE 5. It is much more intelligent than IE4 -
understands certificate chains, shows the certs in a nice and logical way,
Gunther Schadow wrote:
>
> Steve,
>
> 1. I have generated PKCS#10 with xenroll,
> 2. I have generated a PKCS#7 chain
> 3. I have send the PKCS#7 chain back as base64
> 4. I called acceptPKCS7 on it
>and that fails with Error Number -2146881532
>
Hmm... lets see thats in hex 0x80093004 ...
Steve,
> OK since Xenroll is the most secure way to give individuals certificates
> I'll stick to that problem.
>
> Can you outline what you've done?
>
> Normally you do something like this.
>
> 1. Generate a PKCS#10 request with Xenroll. Set the KeySpec to 1 and
> GenKeyFlags to 3.
> 2. Add BE
Gunther Schadow wrote:
>
> I am trying to set up an easy way for people to get their cert
> into their MS Internet Explorer v4.0 and up. I know it works
> with Verisign certs and I have a snapshot trail from what they
> do. But I can't get my certs processed. The best I can get is
> a dumb erro
I am trying to set up an easy way for people to get their cert
into their MS Internet Explorer v4.0 and up. I know it works
with Verisign certs and I have a snapshot trail from what they
do. But I can't get my certs processed. The best I can get is
a dumb error number from the ICenroll.acceptPKC
11 matches
Mail list logo
