> From: perumal v
> Sent: Wednesday, 4 November, 2020 02:13
> change is highlighted below and basically keeping [] brackets for ipv6 :
>
> OCSP_parse_url
> p = host;
>if (host[0] == '[') {
>/* ipv6 literal */
> //host++;
>p = strchr(host, ']');
>if (!p)
>
HI,
it started working after modification in OCSP_parse_url
change is *highlighted* below and basically keeping [] brackets
for ipv6 :
OCSP_parse_url
p = host;
if (host[0] == '[') {
/* ipv6 literal */
*//host++; *
p = strchr(host, ']');
if (!
> From: openssl-users On Behalf Of perumal v
> Sent: Monday, 2 November, 2020 07:57
> I tried openssl ocsp for ipv6 and got the error message for the OCSP.
> openssl ocsp -url http://[2001:DB8:64:FF9B:0:0:A0A:285E]:8090/ocsp-100/
> -issuer ...
> Error creating connect BIO
> 140416130504448:erro
Hi,
Could you please tell me how to do the set up of local ocsp responder as you
did it like http://ocsp_responder:3456.?
Its really urgent and time is less.
--
View this message in context:
http://openssl.6102.n7.nabble.com/OpenSSL-OCSP-tp15350p46874.html
Sent from the OpenSSL - User mailin
Salz, Rich wrote:
neither >/dev/null nor 2>&1 >file nor 2>&1 >/dev/null, let this line
"disappear"
Redirections happen left-to-right. So do this:
>/dev/null 2>&1
left-to-right? outer-to-inner, I understand;
Or the simpler
2>/dev/nul
ok
Thanks,
Walter
Dr. Stephen Henson wrote:
On Wed, Dec 12, 2012, Walter H. wrote:
Hello,
when using
openssl ocsp ...
in a CGI skript, you must use -noverify
because without, this creates the line
Response verify OK
neither >/dev/null nor 2>&1 >file nor 2>&1 >/dev/null, let this line
"disappear"
so this
> neither >/dev/null nor 2>&1 >file nor 2>&1 >/dev/null, let this line
> "disappear"
Redirections happen left-to-right. So do this:
>/dev/null 2>&1
Or the simpler
2>/dev/null
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
___
On Wed, Dec 12, 2012, Walter H. wrote:
> Hello,
>
> when using
>
> openssl ocsp ...
>
> in a CGI skript, you must use -noverify
> because without, this creates the line
>
> Response verify OK
>
> neither >/dev/null nor 2>&1 >file nor 2>&1 >/dev/null, let this line
> "disappear"
>
> so this s
On Mon, Dec 10, 2012, Walter H. wrote:
> Hello,
>
> I have created a self signed root CA certificate, and two other CA
> certificate, that I signed with this self signed root certificate;
> and these SubCA certificates are used for signing requests;
>
> with the root CA I signed also a certifica
On Thu, Feb 17, 2011, Frantz, Stacey M CIV NIOC PCOLA wrote:
>
> How can I tell if openssl on my server is acting as a server and calling
> SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX? This includes Apache
> httpd >= 2.3.3, if configured with "SSLUseStapling On".
Well it's pretty clear
On Tue, Jun 08, 2010, Arunkumar Manickam wrote:
>
> When will an ocsp responder respond with "unauthorized error" for a ocsp
> request. It is an windows server 2008 machine.
>
Well when, for some reason, the rsponder doesn't like the requestor. This
could be, for example, because it is expectin
[EMAIL PROTECTED] wrote:
Hi all,
I try to ask an ocsp responder for the status of some certificates using
openssl as ocsp client.
Doing that the client produces the following Messages:
---
C:\Programme\
In message <[EMAIL PROTECTED]> on Wed, 6 Jul 2005 09:07:23 -0700, "Choudhary,
Bimalendu" <[EMAIL PROTECTED]> said:
bchoudhary> 2) When I send the serial number 0x81 the der encoded
bchoudhary>serial number is
bchoudhary>
bchoudhary> 02 02 00 81
bchoudhary>
bchoudhary> 4) When I send the ser
On Tue, Aug 05, 2003, Werner Johansson wrote:
>
>
> Is the OCSP components of the OpenSSL library considered "stable" in the
> sense that the API has settled, or are there major changes planned??
>
Yes pretty stable. If changes are made the older functions will be retained
for compatibility.
On Mon, Aug 04, 2003, Werner Johansson wrote:
> Thanks for the input!
>
> I see now how some of the options to the ocsp command would make sense
> (as it's being used as a test tool).
> What I was experimenting with here was the possibility to create a small
> module for Apache that could make an
CA, right??
Regarding Mozilla I'll take a look at how they handle the OCSP-checking.
/Werner
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson
Sent: den 4 augusti 2003 14:47
To: [EMAIL PROTECTED]
Subject: Re: OpenSSL OCSP interaction
Respon
Responses inline.
On Mon, Aug 04, 2003, Werner Johansson wrote:
> Hi list!
>
> (Tried posting this a few days back, but it got lost in the process,
> trying again...)
>
> I have been experimenting with the OCSP "client" in OpenSSL, using a
> command line like this:
>
> openssl ocsp -issuer le
17 matches
Mail list logo
