Re: Problems with SSL V3 and IIS

2001-08-09 Thread Eric Rescorla
Michael Shanzer <[EMAIL PROTECTED]> writes: > [1 ] > > --- Greg Stark <[EMAIL PROTECTED]> wrote: > > It would be easier to help you if you can get output > > from ssldump > > (www.rtfm.com/ssldump) for the failing connection > > attempt. > Attached is the output of ssldump. > Since I can not ge

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Kenneth R. Robinette
Date sent: Thu, 9 Aug 2001 06:47:32 -0700 (PDT) From: Michael Shanzer <[EMAIL PROTECTED]> Subject: Re: Problems with SSL V3 and IIS To: [EMAIL PROTECTED] Send reply to: [EMAIL PROTECTED] Mike I missed the part abo

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Michael Shanzer
--- Greg Stark <[EMAIL PROTECTED]> wrote: > It would be easier to help you if you can get output > from ssldump > (www.rtfm.com/ssldump) for the failing connection > attempt. Attached is the output of ssldump. Since I can not get the keys out of IIS All the data is still encrypted. Thanks for any

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Michael Shanzer
--- "Kenneth R. Robinette" <[EMAIL PROTECTED]> > You must be running a version I have never seen or a > real old one. IIS 4.0 which is the latest version that runs under NT4. The behavior you are describing sounds like IE, which is much nicer about letting you export keys. Mike

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Kenneth R. Robinette
Date sent: Thu, 9 Aug 2001 06:00:17 -0700 (PDT) From: Michael Shanzer <[EMAIL PROTECTED]> Subject: Re: Problems with SSL V3 and IIS To: [EMAIL PROTECTED] Send reply to: [EMAIL PROTECTED] You must be running a ver

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Michael Shanzer
--- "Kenneth R. Robinette" <[EMAIL PROTECTED]> wrote: > > Yes, it does support pkcs-12 but Microsoft refers to > them as .pfx. > Simple use the openssl command Eric referenced and > use a > filename such as out.pfx or rename a .p12 to .pfx > > Ken >From the IIS key manager menu, there is a o

Re: Problems with SSL V3 and IIS

2001-08-09 Thread Kenneth R. Robinette
Date sent: Wed, 8 Aug 2001 19:05:53 -0700 (PDT) From: Michael Shanzer <[EMAIL PROTECTED]> Subject: Re: Problems with SSL V3 and IIS To: [EMAIL PROTECTED] Send reply to: [EMAIL PROTECTED] Mike Yes, it does support p

Re: Problems with SSL V3 and IIS

2001-08-08 Thread Eric Rescorla
Dr S N Henson <[EMAIL PROTECTED]> writes: > Michael Shanzer wrote: > > > > Is there a select equivlant or is my work around good > > enough (if SSL_read returns -1 check the return value > > of SSL_get_error, and if it returns 2, try again...). > > > > If you mean retry SSL_read then that will

Re: Problems with SSL V3 and IIS

2001-08-08 Thread Michael Shanzer
--- Eric Rescorla <[EMAIL PROTECTED]> wrote: > You should be able to use 'openssl -pkcs12' to > extract the > keys. IIS does not export it's keys into a PKCS#12 file. At least I have not found a way to export them into a PKCS #12 file. Not sure what the file format is. Mike _