RE: configuration options 'fips' and 'makedepend' disabled by default on master

The 'fips' option is now disabled by default. For the 'makedepend' option, several people raised concerns whether the disadvantages of disabling it wouldn't outweigh the performance gain at build time, see discussion in pull request #15050. So I decided to drop pull request, the 'makedepend' opt

Re: Configuration file for subjectAltName

My Apologies. I was forwarding this to another email for archiving and I was sloppy with addressing before I hit send. Back to your program already in progress Lee Elia, Leonard F. wrote: On Tue, Sep 18, 2007 at 01:46:42PM -0500, Murphy, David F wrote: Exchange 2007 certificates and th

Re: Configuration file for subjectAltName

On Tue, Sep 18, 2007 at 01:46:42PM -0500, Murphy, David F wrote: Exchange 2007 certificates and the autodiscovery functions: According to this Microsoft article: http://msexchangeteam.com/archive/2007/07/02/445698.aspx a certificate

Re: Configuration file for subjectAltName

On Wed, Sep 19, 2007 at 04:09:29PM -0500, Murphy, David F wrote: > From what I can tell the extensions are just not being added to my > certificate. > > I see no indication the extensions were added in the output of the > following command ... > > [EMAIL PROTECTED]:Active] ssl.crt # openssl x509

RE: Configuration file for subjectAltName

ded? Thanks, David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Murphy, David F Sent: Wednesday, September 19, 2007 1:07 PM To: openssl-users@openssl.org Subject: RE: Configuration file for subjectAltName I ran the following command, openssl x509 -t

RE: Configuration file for subjectAltName

= blah002.mysite.com <><><> Thanks, David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Wednesday, September 19, 2007 10:04 AM To: openssl-users@openssl.org Subject: RE: Configuration file for subjectAltName >

RE: Configuration file for subjectAltName

> Once I purchase a trusted certificate, I was assuming both of these > warnings would be removed; I thought a SAN-certificate would allow me to > connect to the website using alternative names without getting the > "invalid or does not match" warning. > > Thanks, > > David What error are you get

RE: Configuration file for subjectAltName

te would allow me to connect to the website using alternative names without getting the "invalid or does not match" warning. Thanks, David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Tuesday, September 18, 2007 6:54

RE: Configuration file for subjectAltName

> Below are my cnf file and the commands I tried. The key and the > crt were both created, however when I render the test website > using blah002.mysite.com I get a security warning message anyway. > I must have done something wrong or left off a step ... It's not clear what you are trying to d

RE: Configuration file for subjectAltName

] [mailto:[EMAIL PROTECTED] Im Auftrag von Victor Duchovni Gesendet: Dienstag, 18. September 2007 21:27 An: openssl-users@openssl.org Betreff: Re: Configuration file for subjectAltName On Tue, Sep 18, 2007 at 09:17:23PM +0200, Buddy Butterfly wrote: > # subjectAltName = @alt_na

Re: Configuration file for subjectAltName

On Tue, Sep 18, 2007 at 03:20:16PM -0500, Murphy, David F wrote: > Thanks Viktor and Buddy, > > Below is my cnf file and the commands I tried. The key and the > crt were both created, however when I render the test website using > blah002.mysite.com I get a security warning message anyway. I mu

RE: Configuration file for subjectAltName

- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Victor Duchovni Gesendet: Dienstag, 18. September 2007 21:27 An: openssl-users@openssl.org Betreff: Re: Configuration file for subjectAltName On Tue, Sep 18, 2007 at 09:17:23PM +0200, Buddy Butterfly wrote: > # subjectAltN

Re: Configuration file for subjectAltName

On Tue, Sep 18, 2007 at 09:17:23PM +0200, Buddy Butterfly wrote: > # subjectAltName = @alt_names > > should be uncommented :-) Did you read the comment above that line. > # Verisign managed PKI, does not yet support subjectAltName in CSRs, > # instead they prompt for these in t

Re: Configuration file for subjectAltName

On Tue, Sep 18, 2007 at 01:46:42PM -0500, Murphy, David F wrote: > Exchange 2007 certificates and the autodiscovery functions: > > According to this Microsoft article: > http://msexchangeteam.com/archive/2007/07/02/445698.aspx > a > cer

RE: Configuration error

> When I try to start the server.. > > It gives the following error.. > > httpd: Syntax error on line 993 of /etc/httpd/conf/httpd.conf: Expected but saw > > I have checked several times. > > > Help me to locate the problem Please have a look at this thread: http://www.mail-archive.com/ge

Re: configuration file

On 19/07/06, Basel Katt <[EMAIL PROTECTED]> wrote: Hi, In fact I had the same problem, where the validity duration should be 365 days according to the config. file , but it is acctually one month. Is this a bug then? The config file value for 'days' being ignored? regards -- Dave Pawson

Re: configuration file seems to have priority over command line?

On Tue, 8 Mar 2005 20:53:17 -0800 (B"Ted Mittelstaedt" <[EMAIL PROTECTED]> wrote (B (B> How about creating a config file that does not have the CN and (B> emailAddress (B> fields? (B (BWell, thanks for the suggestion. Quoting from below, (B (B> > I tried commenting out the CN and emailAddr

RE: configuration file seems to have priority over command line?

How about creating a config file that does not have the CN and (BemailAddress (Bfields? (B (BTed (B (B> -Original Message- (B> From: [EMAIL PROTECTED] (B> [mailto:[EMAIL PROTECTED] Behalf Of Joel (B> Sent: Tuesday, March 08, 2005 6:02 PM (B> To: openssl-users@openssl.org (B> Subj

Re: Configuration file for a CRL

On Thu, Jul 03, 2003, Oliver Foden wrote: > What sections are needed in a .cnf file to work with > this command: > > ca -gencrl -config root.cnf -out CRLfile.pem > > im trying to create a CRL file to work with the code > included but keep getting this error: > > Using configuration from root.cn

Re: configuration problems - jsse....

"Nancy Pawlowski" <[EMAIL PROTECTED]> writes: > Does anyone recognize this error? > > I've had jsse with tomcat configured under linux - and it is running ok; >but am having problems running it under windows2000. This isn't an OpenSSL issue. Why are you posting it here? -Ekr

Re: Configuration CA in openssl

http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html     "Alex Lau(IMS)" wrote: I've just implemented Apache 1.3.12, mod_ssl s.6.6, openssl 0.9.5a. Searching through the docs and webs, no details configuration examples are found about how to use openssl as CA. Can anyone show me where to

Re: configuration

At 04:55 AM 12/22/99 , you wrote: >Hello all, > >I try to learn more about openssl > >The installation is ok !! >But I try to configure it and I can manage it ! > >Is someone can help me ? >Thanks in advance, >Fabrice Fabrice, The documentation is on the web site - http://www.openss