what about
rsa_public_key->n
and
rsa_public_key->e
You could do
BN *n = BN_dup(rsa_public_key->n);
BN *e = BN_dup(rsa_public_key->e);
And do what you want with them (don't forget to free them)
If you are wanting to display them
char *n_txt = BN_bn2dec(n);
char *e_txt = BN_bn2dec(e);
or
If you need to create a PGP key, OpenSSL does not do this. The
package you're looking for is GNU Privacy Guard, or gnupg, available
from http://gnupg.org/.
-Kyle H
On Fri, Jun 19, 2009 at 11:08 AM, Bizhan Gholikhamseh
(bgholikh) wrote:
> Hi,
> Thanks for yor help.
>> Are you doing this for a cer
Hi,
Thanks for yor help.
> Are you doing this for a certificate request?
No this is part of creating public and private key to exchange secure
information on line.
>
> openssl genrsa -des3 2048 > mykey.key
> openssl req -new -key mykey.key -sha256
I have more questions:
1- After issuing above com
Are you doing this for a certificate request?
openssl genrsa -des3 2048 > mykey.key
openssl req -new -key mykey.key -sha256
I do not believe that OpenSSL implements CAST. (the -des3 tells it to
use triple-DES; you can instead use -aes256 to use AES at 256 bits.)
-Kyle H
On Thu, Jun 18, 2009 at
On January 6, 2009 12:20:47 pm Richard Lichvar wrote:
> A newbieto OpenSSL here. (Mainly used to using 3rd party authorities.)
> Not very good at command line stuff either.
>
>
>
> 1. Cert request generated from IIS 6 but it is against the default
> website with .txt extension. Can a cert be
Much appreciated Endhy.
Garyc
--- Endhy Aziz <[EMAIL PROTECTED]> wrote:
> I wrote :
> "One of the chapter, "Designing With SSL" may help
> ".
>
> Should be :
> One of the chapter, "Coding With SSL" may help
>
> Regards,
>
> --Endhy
>
>
>
>
>
> >
>
__
I wrote :
"One of the chapter, "Designing With SSL" may help ".
Should be :
One of the chapter, "Coding With SSL" may help
Regards,
--Endhy
See "SSL and TLS" by Eric Rescorla. It describes SSL protocol completely,
including how to program with SSL. One of the chapter, "Designing With SSL"
may help you.
--Endhy
Excellent Chas.
Thanks,
Garyc
--- "Chas." <[EMAIL PROTECTED]> wrote:
> When I get back to my house this evening I will send
> you the file. Will that
> be alright?
>
> Chas.
>
> On 5/23/07, gary clark <[EMAIL PROTECTED]>
> wrote:
> >
> > Hey Chas,
> >
> > You dont happen to know the link. Did a
When I get back to my house this evening I will send you the file. Will that
be alright?
Chas.
On 5/23/07, gary clark <[EMAIL PROTECTED]> wrote:
Hey Chas,
You dont happen to know the link. Did a quick search
and just got the pdf with just the first 5 chapters?
Much appreciated,
Garyc
--- "Ch
Hey Chas,
You dont happen to know the link. Did a quick search
and just got the pdf with just the first 5 chapters?
Much appreciated,
Garyc
--- "Chas." <[EMAIL PROTECTED]> wrote:
> I believe a PDF is available for free on the
> Internet. I googled for it a
> few weeks ago thinking I would find a
I believe a PDF is available for free on the Internet. I googled for it a
few weeks ago thinking I would find an abstract of it and instead found the
entire book.
Chaz
On 5/23/07, gary clark <[EMAIL PROTECTED]> wrote:
Hey Mark,
Yep I think your right. Ordered the Network
Security with OpenSSL
Hey Mark,
Yep I think your right. Ordered the Network
Security with OpenSSL book.
Thanks,
Garyc
--- Mark <[EMAIL PROTECTED]> wrote:
> Hi,
>
> > I downloaded and installed open-ssl on a windows
> > environment. I then used the openssl application
> to
> > start the s_client and s_server.
> >
Hi,
> I downloaded and installed open-ssl on a windows
> environment. I then used the openssl application to
> start the s_client and s_server.
>
> I ran the client and server with the following
> commands. I then attempted to connect my client to the
> s_server. I managed to connect to the serv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rocky S schrieb:
> 1) I have installed openssl sources. In the certs directory,
> there are various certificates. I looked at a couple of
> them - aol1.pem & vsign1.pem.
>
> The vsign1.pem starts with
[...]
> The aol1.pem directly starts with BEGIN_C
Thanks Kyle. I had not been aware of the "registration authority"
option.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 2:21 p.m.
To: openssl-users@openssl.org
Subject: Re: Newbie questions : 2 issues r
On 4/2/06, Davidson, Brett (Managed Services) <[EMAIL PROTECTED]> wrote:
> I can set the Cisco certificate to authenticate to the W2K domain.
> That's reasonably simple.
> Deciding what to do about things after that gets a little interesting
> but that's another topic... :-)
>
> The anonymous conne
e-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 11:26 a.m.
To: openssl-users@openssl.org
Subject: Re: Newbie questions : 2 issues relating to interaction between
Linux, Windows 2000 and Cisco.
The Cisco also needs to be exempted from
I take it that the easiest solution is to establish a
certificate-authenticated VPN instead then?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 11:26 a.m.
To: openssl-users@openssl.org
Subject: Re: Newbie
The Cisco also needs to be exempted from the "authenticated domain
members" rule, unless you can set its identifying certificate up as
authenticatable to the domain. (You are authenticating against the
Windows 2000 domain, correct?)
There are known issues with restricting access to known machines
Exactly right!
"openssl s_client -CAfile demoCA/cacert -connect server.net:443"
This returns no errors.
However, I still get the following when I try to connect from Mozilla.
"The connection was refused when trying to contact 192.168.1.103"
Stupid me! I was using "http://";! It works perfectly wi
On Tue, Sep 14, 2004, Steve Ankeny wrote:
> Here's the commands I used to create my own CA and my own certificate
> and key
>
> "CA.pl -newca"
> "CA.pl -newreq"
> "CA.pl -signreq"
>
> Everything went well (no errors), and I wound up with newcert.pem and
> newreq.pem (as well as cacert.pem
Here's the commands I used to create my own CA and my own certificate
and key
"CA.pl -newca"
"CA.pl -newreq"
"CA.pl -signreq"
Everything went well (no errors), and I wound up with newcert.pem and
newreq.pem (as well as cacert.pem as expected).
I renamed newcert.pem and newreq.pem to help i
Very good suggestions! Thanks
I will not have time to try these until this evening, but I will report
any errors, etc. You guys are the best.
Dr. Stephen Henson wrote:
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Sorry about the html
First of all, I am using Mozilla. I never use IE
What ve
On Sat, Sep 11, 2004, Steve Ankeny wrote:
> Sorry about the html
>
> First of all, I am using Mozilla. I never use IE
>
What version of Mozilla are you using? If you have a newer version then you
will have an "Import" button. You select Edit->Preferences->Private &
Security->Certificates.
Sorry about the html
First of all, I am using Mozilla. I never use IE
Secondly, every time I try to import the 'server.crt' it complains that
it is not in 'pkcs12' format.
Thirdly, the CA.pl "guides" are just as confusing as the OpenSSL guides.
I have yet to find a clear-cut description of
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Please don't post in HTML.
As to your query. This is much easier if you follow the CA.pl instructions.
Some "guides" suggest you do all manner of strange and in some cases insecure
things.
You do *not* import the server private key and certificate into t
Hi Steve,
Here are a couple books that helped me understand SSL and the X.509
security model:
Network Security with OpenSSL, ISBN 059600270X
Planning for PKI, ISBN 0471397024
Joe
On Sep 10, 2004, at 1:17 PM, Steve Ankeny wrote:
I am designing a secure webserver for use in a small company. The
Hello,
Many thanks to all who answered my questions. I'm on the way to install ssh.
Best regards,
Serban
On Mon, Nov 01, 1999 at 12:01:59PM +, Pete Chown wrote:
> On Fri, Oct 29, 1999 at 02:33:41PM -0100, Serban Udrea wrote:
>
> > This mail is mainly focusing on SSLtelnet which I intend
SSH is nice, but I would also like to build SSL-telnet, and ran into the
same problem. Is anyone maintaining SSL telnet? Has anyone gotten an
SSL-enabled telnet to build against a recent version of OpenSSL?
-Mike Slass
WRQ, Inc.
"Dr. Greg Quinn" wrote:
>
> What about SSH instead?
>
> On Fri
30 matches
Mail list logo
