_
From: openssl-users [openssl-users-boun...@openssl.org] on behalf of Dmitry
Belyavsky [beld...@gmail.com]
Sent: Tuesday, March 19, 2019 21:09
To: openssl-users@openssl.org
Subject: Re: Howto prevent cycles in engine invocation ?
Hello Andreas,
I used smth like
===
RSA_METHOD my_rsa_meth
Hello Andreas,
I used smth like
===
RSA_METHOD my_rsa_method = {
"My RSA method",
0, /* pub_enc */
0, /* pub_dec */
0, /* priv_enc */
my_priv_dec, /* priv_dec */
0, /* rsa_mod_e
Following scenario:
I have an engine that implements e.g. RSA decryption.
That engine links against a library that links against libcrypto to perform RSA
decryption.
Now if I have an application that sets the default library to be my engine,
won't I end up in an infinite loop ?
Or the other wa
Thanks Rich, I will take a look at this also.
Bob
On 08/09/2017 09:49 AM, Salz, Rich via openssl-users wrote:
https://www.openssl.org/~rsalz/pki.tgz but only a root and end-entity. Adding
an intermediate should not be incredible difficult :)
--
openssl-users mailing list
To unsubscribe: htt
https://www.openssl.org/~rsalz/pki.tgz but only a root and end-entity. Adding
an intermediate should not be incredible difficult :)
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
I want to build a PKI structure of a root CA, intermediate CA(s), and
user and server certs. So I went looking for some guidance and found:
https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html
Anything else out there?
The certs will all be ECDSA, P256 SHA256. L
On Mon, 2014-08-04 at 22:45 +0200, Michael Felt wrote:
And finally - read exactly what is there: -- Dependent module libcrypt.so could
not be loaded, not as above
0509-150 Dependent module /usr/lib/libssl.a(libssl.so.0.9.8) could
not be loaded. (libssl.a(member))
The problem there is
't specify an import file, AIX will just
>> > use the standard static object rules when it searches an archive for
>> > likely candidates to link in: First logical member of the archive that
>> > has the desired symbol will be chosen for inclusion. The difference is
&
t searches an archive for
> > likely candidates to link in: First logical member of the archive that
> > has the desired symbol will be chosen for inclusion. The difference is
> > that the static linker will see the "shared" flag and just add that
> > member of the a
Thanks - I found the hint in INSTALL on howto create the shared files. What
I have not figured out is how to make openssl want them to be
libssl.a(member) and libcrypto.a(member).
Here is where I am atm:
I was able to create libssl.so.0.9.8 and libcrypto.so.0.9.8
The traditional packaging on
c linker will see the "shared" flag and just add that
> member of the archive to the file's dynamic loader table instead of
> statically linking it in.
> >
> >
> > On Mon, 2014-08-04 at 08:45 +0200, Michael wrote:
> >
> >
> > Dear all,
&g
On 8/4/2014 7:06 PM, Sands, Daniel wrote:
> To generate a .a of shared objects instead of static objects, really all you
> do is build the shared object(s) and create an archive out of them. There is
> no special magic about it beyond creating the shared object in the first
> place. When lin
er table instead
of statically linking it in.
On Mon, 2014-08-04 at 08:45 +0200, Michael wrote:
Dear all,
I wish I knew better - howto use ld to craft an archive member, but I do
not. (Below was sent to openssl-dev, if it arrived, please ignore for
now - however, once I understand this AND if I
inker will see the "shared" flag and just add
that member of the archive to the file's dynamic loader table instead of
statically linking it in.
On Mon, 2014-08-04 at 08:45 +0200, Michael wrote:
Dear all,
I wish I knew better - howto use ld to craft an archive member, but I do
not
Dear all,
I wish I knew better - howto use ld to craft an archive member, but I do
not. (Below was sent to openssl-dev, if it arrived, please ignore for
now - however, once I understand this AND if I figure out a "simple"
change, I shall submit a patch for future AIX builds.)
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Frederic Nivor
> Sent: Friday, 02 May, 2014 11:18
> To: openssl-users@openssl.org
> Subject: OpenSSL / GnuTLS / Certificate Installation HowTo
>
> I would like to create a TCP c
I would like to create a TCP client/server scenario:
- a simple C server on a VPS
- a simple C client on another device
And I would like to secure the TCP connection between them. GnuTLS
seems to be a good choice (they also propose some client/server
samples).
My web hosting provider gave me a SSL
If you create a selfsigned certificate, the signature algorithm will obviously
be that of the public key of the certificate. If you use an EC key, you can
only end up with a ecds-with* signature. If you want sha1WithRSAEncryption,
you need to create a RSA key. Or have your EC-certificate signed
Hi,
I am facing an issue while I am trying to create a sample self-signed
certificate using openssl -req for EC Cipher suites.
*Requirement:*
I need to install a self-signed certificate for the cipher suite
ECDH-RSA-AES128-SHA which has the following attributes:-
1. Signature Algorithm:
On Thu, 4 Aug 2011, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Alan Buxey
Sent: Thursday, 04 August, 2011 03:54
Thank you! But now I'm spending my time with another issue
with this: I
cannot create certificate longer than I month:
The server certificate was
> From: owner-openssl-us...@openssl.org On Behalf Of Alan Buxey
> Sent: Thursday, 04 August, 2011 03:54
> > Thank you! But now I'm spending my time with another issue
> with this: I
> > cannot create certificate longer than I month:
> > The server certificate was created by command:
> > ope
When you are creating a CA and issuing certificate you are building a PKI
(Public Key Infrastructure). In operating a PKI, you might want to
consider crafting a certification policy, specifying the process for
managing the lifecycle of your certificates, securing the CA's private key,
securing th
On Thu, 4 Aug 2011, Bernhard Fröhlich wrote:
Am 04.08.2011 08:23, schrieb Tomas Macek:
We have some web servers and I want to create self signed certificates for
them.
What do I want:
- I want to create my own certification authority keys and certificate,
that will be imported to all web b
Am 04.08.2011 08:23, schrieb Tomas Macek:
We have some web servers and I want to create self signed certificates
for them.
What do I want:
- I want to create my own certification authority keys and
certificate, that will be imported to all web browsers of our employees
- I want to create certi
On Thu, 4 Aug 2011, Alan Buxey wrote:
Hi,
Thank you! But now I'm spending my time with another issue with this: I
cannot create certificate longer than I month:
This is my CA certificate validity:
...
Not Before: Aug 3 10:07:14 2011 GMT
Not After : Aug 2 1
Hi,
> Thank you! But now I'm spending my time with another issue with this: I
> cannot create certificate longer than I month:
>
> This is my CA certificate validity:
> ...
> Not Before: Aug 3 10:07:14 2011 GMT
> Not After : Aug 2 10:07:14 2012 GMT
> ...
>
Thank you! But now I'm spending my time with another issue with this: I
cannot create certificate longer than I month:
This is my CA certificate validity:
...
Not Before: Aug 3 10:07:14 2011 GMT
Not After : Aug 2 10:07:14 2012 GMT
...
This is my server'
Everything seems to be fine, only for new installations it is recomended to use at least 2048 bit keyand, at least some time ago, openssl used to default to MD5 for certificate signatures,check, if it is not the case. Citējot Tomas Macek : We have some web servers and I want to create self signe
We have some web servers and I want to create self signed certificates for
them.
What do I want:
- I want to create my own certification authority keys and
certificate, that will be imported to all web browsers of our employees
- I want to create certificates, that will be signed by my own
cer
Hi there
I have some Problems with encrypted emails.
A user sends me an encrypted mail where I have the corresponding certificate
and Key.
Unfortunately Mail (Apple) sais it cannot read that email and displays the
smime.p7s file only.
How can I check which certificate has been used to encrypt th
Hi There:
If you're looking for a cookbook, and want a fairly comprehensive explanation
of how all of the moving parts work:
http://www.carillon.ca/library/openssl_testca_howto_1.2.pdf
Have fun.
Patrick.
On August 19, 2009 07:18:39 am deblarinteln wrote:
> Hi Goetz, *,
>
> > There is the ma
g=
=erui
-END PGP SIGNATURE-
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
View thi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
deblarinteln wrote:
| Hi Goetz,
Hello deblarinteln,
| | It is called subjectAltName extension.
|
| would you mind telling me how and where I have to define the AltName(s) ?
There is the man page x509v3_config.
It should contain the info you need.
A
configure them somehow?
Thanks a lot
Niels
--
View this message in context:
http://www.nabble.com/Howto-create-a-certificate-for-multiple-domains--tp24931183p24949301.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
Hi Goetz,
| It is called subjectAltName extension.
would you mind telling me how and where I have to define the AltName(s) ?
And still, how will I get my *.pem certificate converted into a .cer
certificate?
Thanks a lot
Niels
--
View this message in context:
http://www.nabble.com/Howto
On 08/12/2009 09:50 AM, Goetz Babin-Ebell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
deblarinteln schrieb:
| Hi,
|
| well I have to create a certificate for our maindomian as well as
for some
| subdomains.
|
| The structure will look pretty much like this:
|
| mydomain.tld
| mail.myd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Emerson Saito wrote:
| Is needed one certificate for each domain or subdomain.
| Uses like *.mydomain.tld is not recomended.
???
What do you want to say ?
If you have one system that serves several addresses
(like mydomain.tdl, mail.mydomain.tdl, ow
Is needed one certificate for each domain or subdomain.
Uses like *.mydomain.tld is not recomended.
2009/8/12 Goetz Babin-Ebell
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> deblarinteln schrieb:
> | Hi,
> |
> | well I have to create a certificate for our maindomian as well as for
> some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
deblarinteln schrieb:
| Hi,
|
| well I have to create a certificate for our maindomian as well as for some
| subdomains.
|
| The structure will look pretty much like this:
|
| mydomain.tld
| mail.mydomain.tld
| owa.mydomain.tld
It is called subjectAl
Hi,
>
> well I have to create a certificate for our maindomian as well as for some
> subdomains.
Use a wildcard domain for your CN
Unless each domain had a separate IP
You need to specify *.mydaomin.tld as the CN
HTH
Regards,
Serge Fonville
Has anyone of you an idea how to get that done, so t
the exchange 2007 server? What I have found so far
is that the Exchange server has to get a .cer file.
All your help is highly appreciated!
Thanks in advance
Niels
--
View this message in context:
http://www.nabble.com/Howto-create-a-certificate-for-multiple-domains--tp24931183p24931183.html
Hi,
My googling and searching the openssl website came up empty. Is there a
way I can specify subjectAltName="DNS:foo.bar.org,DNS:bar.org,DNS=foo"
on the openssl command line?
Thanks,
Patrick
__
OpenSSL Project
Thanks a lot!!!> Date: Wed, 20 Feb 2008 09:18:18 +0100> From: [EMAIL
PROTECTED]> To: openssl-users@openssl.org> Subject: Re: Howto asume yes by
default when generate a certificate..> > Francisco Javier schrieb:> > Hello, I
am trying to generate a certificate using an
Francisco Javier schrieb:
Hello, I am trying to generate a certificate using an external
application, but I need to automaticaly answer YES to the question
Sign the certificate? [y/n]:
exec("openssl ca -out certificados_usuarios/ALL/ALL_cert.pem -passin
pass:mipass -days 365 -infiles c
Hello, I am trying to generate a certificate using an external application, but
I need to automaticaly answer YES to the question
Sign the certificate? [y/n]:
exec("openssl ca -out certificados_usuarios/ALL/ALL_cert.pem -passin
pass:mipass -days 365 -infiles certificados_usuarios/ALL/AL
Hi all,
I have DTLS server/client model. My server is blocked in SSL_read.If
server received the packet from DTLS client how can I get the Client IP
infomation from SSL_read function.How to get the senders information from
SSL_read.
thanks in advance.
Regards
Prasanna.P.M.
Larsen & Toubro
Hi!
Some weeks ago I tried some things with Openssl in C.
I found evp to be very handy, and so I can cypher, decypher, sign, verify,..
I can work with complete messages, or I can work with streams.
I realized the way to everything, except to blind signing.
The way I'm trying is (on the same machi
Thanks for this. I also found the Openssl perl module useful
(http://search.cpan.org/dist/Crypt-OpenSSL-RSA/RSA.pm) as it has a
function new_key_from_parameters which uses the rsa components to
generate a key.
Dr. Stephen Henson wrote:
On Wed, Apr 11, 2007, Iain Pople wrote:
Hi,
I am tryin
On Wed, Apr 11, 2007, Iain Pople wrote:
> Hi,
>
> I am trying to replace a legacy system with openssl. The legacy system
> used RSA keys but stored them in its own format. I can extract the RSA
> components but I'm not sure how to generate a PEM formatted RSA key.
> What is the easiest way to
Hello,
> I am trying to replace a legacy system with openssl. The legacy system
> used RSA keys but stored them in its own format. I can extract the RSA
> components but I'm not sure how to generate a PEM formatted RSA key.
> What is the easiest way to do this? Can the command line tools do it,
Hi,
I am trying to replace a legacy system with openssl. The legacy system
used RSA keys but stored them in its own format. I can extract the RSA
components but I'm not sure how to generate a PEM formatted RSA key.
What is the easiest way to do this? Can the command line tools do it, or
do I
Thanks Victor for your help
STARTTLS=server, error: SSL_CTX_check_private_key failed(/demoCA/serverkey.pem)
the new cert I called serverkey.pem how do I creat the key for this file
Mike
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael
Thanks
I made newcert.pem (thats not to replace the cacert is it) append the
private key to newcert.pem?? I have a cakey newkey(newreq)
Thanks Mike
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael Fedor wrote:
> I created that...just
On Mon, Mar 19, 2007 at 10:58:19AM -0400, Michael Fedor wrote:
> I created that...just to get ssl/tls working how and what do I do
> with the files they sent me
Ensure that all 4 files are in PEM format. For each file try:
openssl x509 -in type_name_of_file_here -noout -issuer -subject
i
I created that...just to get ssl/tls working how and what do I do
with the files they sent me
Thanks
On 3/19/07, Victor Duchovni <[EMAIL PROTECTED]> wrote:
On Mon, Mar 19, 2007 at 10:40:18AM -0400, Michael Fedor wrote:
> They send me 4 files
>
> 1 AddTrustExternalCARoot.ca trust root
>
> 2
On Mon, Mar 19, 2007 at 10:40:18AM -0400, Michael Fedor wrote:
> They send me 4 files
>
> 1 AddTrustExternalCARoot.ca trust root
>
> 2 UTNAddTrustServer_CA.crt intermediate ca
>
> 3 NetworkSolutions_CA.crt intermediate ca
>
> 4 (domain) ther.comdomain cert
>
If they are your CA, it s
Im lost on how to bring in Certs from Network Solutions.. Im trying
to get TLS running TRUSTED. My OS redhat..and one of the problems
TLS is working from inside to out but anyone replying command unknown
STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3,
verify=FAIL, cipher
On Sat, Mar 17, 2007 at 05:08:06PM -0400, Greg Martin wrote:
> Try this:
> openssl x509 -in filename.pem -text -noout
>
> You should see an issuer: statement that talks about the CA.
>
Rather depends on what the OP meant by "verify", and what context
this is to be performed.
--
Viktor
Try this:
openssl x509 -in filename.pem -text -noout
You should see an issuer: statement that talks about the CA.
\\Greg
Jamie F. wrote:
Hi all,
I have a bit strange Q: i've created a self-signed certificate (first
i created a CA (root certificate) then created another certificate
from it l
Hi all,
I have a bit strange Q: i've created a self-signed certificate (first i
created a CA (root certificate) then created another certificate from it
like that [http://www.tc.umn.edu/~brams006/selfsign.html]). but i can't find
how will i verify that if the second certificate made from the root
<[EMAIL PROTECTED]>
An: openssl-users@openssl.org
Betreff: [EMAIL PROTECTED]: Help: Howto create certificates with uid in
subject?]
> Forwarding to openssl-users for public discussion.
>
> Best regards,
> Lutz
> - Forwarded message from Christian Brandes
> <[EMA
On Thu, Jan 25, 2007, Lutz Jaenicke wrote:
>
> Hi,
>
> I am trying to issue certificates with a uid attribute in the subject like:
>
> Subject: .../CN=/emailAddress=/uid=
>
> How can I do that?
>
> In the "DISTINGUISHED NAME AND ATTRIBUTE SECTION" of openssl.conf I
> inserted:
>
> UID
Kv1GEw=;
Date: Thu, 25 Jan 2007 14:05:38 +0100
From: Christian Brandes <[EMAIL PROTECTED]>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
To: [EMAIL PROTECTED]
Subject: Help: Howto create certificates with uid in subject?
X-Virus-Scanned: by amavisd 0.1
X-Virus-Scanned: by amavisd 0.1
Hi,
John Mok wrote:
> As the number of PCs are many, it is too difficult, if not impossible,
> to install the self-signed certificates of both rootCA1 and rootCA2 as
> trusted root CAs on every PCs.
>
> Is there any better way that to cross-certify both rootCA1 and rootCA2,
> such that the machines wi
Hi,
There are two self-signed root CAs (e.g. rootCA1 and rootCA2) in the
organization I work for, and both have sub-CAs. For instance,
The sub-CAs of rootCA1 are :-
1. subCA1
2. subCA2
The sub-CAs of rootCA2 are :-
1. subCA3
2. subCA4
As the number of PCs are many, it is too difficult, if no
Hi all,I'm trying to add the x500UniqueIdentifier attrib to a cert request,and/or at the signing stage, but am not having success. Using
0.9.8c,the [x509_extensions] attrib:x500UniqueIdentifier = 'foo'causes:Error Loading extension section local_ca_extensions1972:error:0E06D06C:configuration file
Hi all,
I'm trying to add the x500UniqueIdentifier attrib to a cert request,
and/or at the signing stage, but am not having success. Using 0.9.8c,
the [x509_extensions] attrib:
x500UniqueIdentifier = 'foo'
causes:
Error Loading extension section local_ca_extensions
1972:error:0E06D06C:configura
On 18/07/2006, at 3:44 PM, Jorey Bump wrote:John Zornig wrote: I came across a mistake in one of the HOWTO documentshttp://www.openssl.org/docs/HOWTO/proxy_certificates.txt - in all other cases, proxy certificate validation can be enabled before starting the application by setting the
John Zornig wrote:
I came across a mistake in one of the HOWTO documents
http://www.openssl.org/docs/HOWTO/proxy_certificates.txt
- in all other cases, proxy certificate validation can be enabled
before starting the application by setting the envirnoment variable
OPENSSL_ALLOW_PROXY
I came across a mistake in one of the HOWTO documentshttp://www.openssl.org/docs/HOWTO/proxy_certificates.txt - in all other cases, proxy certificate validation can be enabled before starting the application by setting the envirnoment variable OPENSSL_ALLOW_PROXY with some non-empty value.This
t one provided by the
callback. How to obtain the session-id for comparation? Or is there another
way of selecting proper session?
Thanks, PL.
--
View this message in context:
http://www.nabble.com/Selecting-a-session-within-get_session_cb%28%29%3A-howto--t1212817.html#a3206419
Sent from the OpenSSL -
Hi,
I am trying to compile openssl using automake procedure on linux. How can i
do that. If anybody has done it please let me know how to exactly achieve
that.
Thank You.
_
Express yourself instantly with MSN Messenger! Download
Note: forwarded message attached.
__
Do you Yahoo!?
All your favorites on one personal page Try My Yahoo!
http://my.yahoo.com --- Begin Message ---
It works now! I have successfully sent an email using
smtp.gmail.com
as for auth login plain,
--
X-Sun-Data-Type: text
X-Sun-Data-Description: text
X-Sun-Data-Name: text
X-Sun-Charset: us-ascii
X-Sun-Content-Lines: 22
Not in this way.
I think you shouldn't use :smtp but rather the :25
But then later down you miss a layer: A BIO_read does not
necessarily give you 'a line' but
Serge wrote:
Wow! that was fast answer from this mailing list! Thanks a lot!
it works for the connection, I can say EHLO, and it answer, now, what
is the rest of sending an email using ssl/tls as gmail ask for
STARTTLS command which I send (I learned that by using telnet). But it
answer unrecong
Wow! that was fast answer from this mailing list! Thanks a lot!
it works for the connection, I can say EHLO, and it answer, now, what is the rest of sending an email using ssl/tls as gmail ask for STARTTLS command which I send (I learned that by using telnet). But it answer unrecongnized command? S
Serge wrote:
So far, I have tried with ssl functions, then with BIO functions but
without success. I have search an answer or documents explaining how
to do that but not found.
Here's what I do with ssl:
SSL *ssl;
SSL_CTX *ctx;
void __fastcall TForm1::Button1Click(TObject *Sender)
{
char rep
So far, I have tried with ssl functions, then with BIO functions but without success. I have search an answer or documents explaining how to do that but not found.
Here's what I do with ssl:
SSL *ssl;SSL_CTX *ctx;
void __fastcall TForm1::Button1Click(TObject *Sender){ char reply[1024]; SOCKET S
Hmm, i think that depends on which BN_ functions. In your example,
BN_bin2bn() returns a new BIGNUM object, so you do not need to BN_new().
b l wrote:
Hi,
If i reuse a BIGNUM created with BN_new() without
freeing it first will i cause a memory leak?
does the BIGNUM dynamically allocate memory eac
thanks Nils,
brian
--- Nils Larsch <[EMAIL PROTECTED]> wrote:
> b l wrote:
> > Hi,
> >
> > If i reuse a BIGNUM created with BN_new() without
> > freeing it first will i cause a memory leak?
>
> no
>
> > does the BIGNUM dynamically allocate memory each
> time
> > it is used by certain functio
b l wrote:
Hi,
If i reuse a BIGNUM created with BN_new() without
freeing it first will i cause a memory leak?
no
does the BIGNUM dynamically allocate memory each time
it is used by certain functions?
yes (but only if it's required)
for example
i create BIGNUM * tempBN=BN_new();
i might make a call
Hi,
If i reuse a BIGNUM created with BN_new() without
freeing it first will i cause a memory leak?
does the BIGNUM dynamically allocate memory each time
it is used by certain functions?
for example
i create BIGNUM * tempBN=BN_new();
i might make a call to
BN_bin2bn (char1,len,tempBN);
i might
On Wed, Dec 31, 2003, Christian Weber wrote:
> Dear OpenSSL user,
>
> does anybody have a hint how to add a signed attribute during signing
> with smime? Further: which OID should be taken to add a attribute like
> "siged on behalf of..." or "representing (a function)".
>
You need to use the lo
Dear OpenSSL user,
does anybody have a hint how to add a signed attribute during signing
with smime? Further: which OID should be taken to add a attribute like
"siged on behalf of..." or "representing (a function)".
In which order should that OID be added to the other signed attirbutes
(like signi
Attached is a guide that is
meant to be an easy to understand tutorial on how to install openssl, and a CA on a Windows operating system. I still
need to test some of the steps of the guide at home where I don’t have openssl installed yet. Please enjoy this early version, and
feedback is mo
Hello Everyone,
just wanted to contribute a short HOWTO as I have been spending the
last few days reading google groups, the openssl HOWTOs and didn't
really find a good one that teaches you how to get it done... any
comments appreciated!
anyway, great work OpenSSL team!
How to use OpenS
sauer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 26, 2003 8:48 AM
Subject: HOWTO for pkcs11 patch?
> Hello List,
>
> trustway's pkcs11-patch came with basically no info about it's usage.
> Especially the handling of stored keys on the sm
Hello List,
trustway's pkcs11-patch came with basically no info about it's usage.
Especially the handling of stored keys on the smartcard is obscure.
(openssl normally can only deal with files)
req -newkey .. seems to work, but the key is not written to the card
Please, please can anybody give s
Please check www.tldp.org SSL Certificates HOWTO
Cheers.
On Mon, 2002-12-30 at 15:15, William Michael Grim wrote:
Hi there, I just signed up for openssl-users today because I was going to
ask a question but then think I figured out what I needed to figure out.
Anyway, I created a
Hi there, I just signed up for openssl-users today because I was going to
ask a question but then think I figured out what I needed to figure out.
Anyway, I created a HOWTO that isn't on the web site about how to create
signed certificates, etc.
It is a rough draft, and I would apreciat
Hi,
I was wondering how to put the id-etsi-qcs-QcCompliance statement (OID
0.4.0.1862.1.1) in a certificate under qcStatements in a certificate.
Is it possible to do so using openssl.cnf?
If not, does anyone know how i should put it in DER?
Thanks in advance,
Eelse-jan
__
ILLIOT@;oracle.com]
>Sent: Mittwoch, 13. November 2002 11:14
>To: [EMAIL PROTECTED]
>Subject: howto startup Apache SSL in batch mode
>
>
>Hi,
>I would like to startup apache in batch mode.
>when I launch the following command:
>httpdsctl startssl
>The script is asking me
Thanks Franck. I have referred to your docs often.
--- Franck Martin <[EMAIL PROTECTED]> wrote:
> I'm pleased to announce a new version of the SSL-Certificates-HOWTO.
>
> Thanks to all for your contributions and comments.
>
> Can someone put a link on the op
I'm pleased to announce a new version of the SSL-Certificates-HOWTO.
Thanks to all for your contributions and comments.
Can someone put a link on the openssl.org web site? Thanks.
Comments, critics,... you know how to join me...
Cheers.
-Original Message-
From: Greg Fer
Check out the Securing and Optimizing Linux Guide on www.linuxdoc.org.
There are detailed description, needs minor correction, to generate your own
certificate.
Good luck for you.
Liguo (Leo)
Alexey S. Poluntchenko wrote:
> using openssl X509 api ?
> mb any examples exist ?
>
> thanks
_
There r no such a directory exists. I saw the selfsign.c in demos but it
throws an exception (access violation) in callback function when dumping to
console (PEM_write_X509 & X509_write_fp). whats the problem?
thanks in advance
> On Mon, Sep 23, 2002 at 03:19:29PM +0400, Alexey S. Poluntchenko w
On Mon, Sep 23, 2002 at 03:19:29PM +0400, Alexey S. Poluntchenko wrote:
> using openssl X509 api ?
> mb any examples exist ?
openssl-0.9.6g/demos/x509/*
regards
christian
>
> thanks
__
OpenSSL Project
using openssl X509 api ?
mb any examples exist ?
thanks
Francois Guerry schrieb:
> I do not think that you can use every nCipher key with OpenSSL.
> You must build the key pair with a nCipher command (generatekey or keysafe)
> with the option "application" = embed (see nCipher documentation).
For OpenSSL Engine the application is hwcrhk...
> The priv
e Coue" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, June 25, 2002 9:53 AM
Subject: Howto use a pivrate key contained inside a ncipher module ??
> Hi all,
>
> I've got a ncipher module in my box and I'd like to
>
1 - 100 of 158 matches
Mail list logo
