> From: owner-openssl-us...@openssl.org On Behalf Of Mr.Rout
> Sent: Wednesday, 18 January, 2012 02:52
> root@1143726:/usr/bin# openssl s_client -connect 10.204.4.69:7003
> WARNING: can't open config file: /usr/ssl/openssl.cnf
> CONNECTED(0003)
> depth=0 C = IN, ST = Karnataka, L = Bangalo
Hi,
Tried the given function, it compiles but throws error "Run-Time Check
Failure #3 - The variable 'rsa' is being used without being defined.". Any
clue?? And the char * buf contains the key right??
Thanks & Regards
Shalmi
Marek Marcola wrote:
>
> Hello,
>> ok i l try that.let me know u
thank you, its working fine.
Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
> ok i l try that.let me know u ..
You may try something like that (not tested):
int rsa_read_pem(RSA ** rsa, char *buf, int len)
{
BIO *mem;
if ((mem = BIO_new_mem_buf(buf, len)) == NULL) {
goto err;
Hello,
> ok i l try that.let me know u ..
You may try something like that (not tested):
int rsa_read_pem(RSA ** rsa, char *buf, int len)
{
BIO *mem;
if ((mem = BIO_new_mem_buf(buf, len)) == NULL) {
goto err;
}
*rsa = PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, NULL);
ok i l try that.let me know u ..
Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
> i tried that way, now its generating coredump files.is there any other
> way to solve that issue...
You should use something like that (buf and len has your key):
unsigned char *p;
RSA *rsa = NULL;
p = b
i tried that way,buffer information is not DER format.
buffer header like this.
-BEGIN RSA PRIVATE KEY-
..
-END RSA PRIVATE KEY-
Is they anyother way to resolve that problem?
Marek Marcola <[EMAIL PROTECTE
Hello,
> i tried that way, now its generating coredump files.is there any other
> way to solve that issue...
You should use something like that (buf and len has your key):
unsigned char *p;
RSA *rsa = NULL;
p = buf;
if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL){
goto err;
}
if (
i tried that way, now its generating coredump files.is there any other way to
solve that issue...
Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
>
> I have a RSA key information on buffer.i want to merge with buffer
> content to SSLcontext object.
> i am using
> SSL_CTX_use_RSAPrivateKey_A
Hello,
>
> I have a RSA key information on buffer.i want to merge with buffer
> content to SSLcontext object.
> i am using
> SSL_CTX_use_RSAPrivateKey_ASN1(ctxr[i],keyinfo,strlen(keyinfo)) this
> SSL API.
> that API is failing . it gives following error message.
>
>
> 9755: error:0D0680A8:as
It is the OCSP responder cert. I suppose you already
have that, right? Or you can use this one which will
expire on Sep 15, 2005 though.
-BEGIN CERTIFICATE-
MIID2jCCA0OgAwIBAgIQaVnCDg78Yj+N1V5h9xQh0jANBgkqhkiG9w0BAQUFADCB
lDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE
CxM
Hi Paul,
Thats great. Thanks for your quick response.
What is tgv.pem file. how can we get that file.
Thanks in advance,
Varma
On 8/24/05, Paul Simon <[EMAIL PROTECTED]> wrote:
> Maybe your URL is wrong. I just tried this:
>
> openssl ocsp -issuer VeriSignClientECA.pem -url
> http://ocsp.veri
Maybe your URL is wrong. I just tried this:
openssl ocsp -issuer VeriSignClientECA.pem -url
http://ocsp.verisign.com -cert eca_usr_cert.pem
-VAfile tgv.pem -no_nonce -text
and it works fine as follows:
D:\prjs\ocsp\newEcaCA>openssl ocsp -issuer
VeriSignClientECA.pem -url http://ocs
p.verisign.co
Hi, Thanks a lot prakash for your reply. Actually my application works in this way1) I will get the x.509 certificate from any server(lets say) yahoo.com, now from that i will extract
yahoo.com user certificate(may be issued by verisign or others), issuers root certificate.2) Now i need to chec
Hi,
The -Vafile option is used for explicitly trusting the responder certificate of the ocsp serverSo if you omit this option you will get the "unable to get local issuer certificate" error.
To get this command workingopenssl ocsp -url http://ocsp.verisign.com:8080 -issuer ROOT_CA.pem -VAfile OCS
Hi,
Is the following command for requesting OCSP status using openSSL is correct?
1) "ocsp -url http://ocsp.openvalidation.org -issuer ROOT_CA.pem -VAfile OCSPServer.pem -cert User.pem".
If i change above command, BY REMOVING OCSPServer.pem file i am getting status as good but with a message
On Tue, Aug 16, 2005, varma d wrote:
>
> But, In this command what is the purpose of OCSPServer.pem, i still dont
> understand the purpose of OCSPServer.pem as we need to just send our request
> and expect a response from OCSP responder irrespective of OCSPServer.pemfile.
>
This is an issue o
>From what I can see, SSL is defined as "typedef struct ssl_st SSL" in
ssl.h. If you search for "struct ssl_st" in ssl.h you will find the
definition for that structure.
Hope that helps!
On Sat, 2004-10-02 at 19:00, lu lu wrote:
> Hi, list members.
> I really want help very much. I asked th
http://www.openssl.org/support/
On Fri, 20 Aug 2004, Buddy wrote:
> Anyone out there, please help me! I am disabled and do not want to continue to see
> your conversations, although I appreciate the reason and the cause of the
> conversations.
> I just want off the list.
> Thanks,
> Buddy
>
>
On Mon, Mar 17, 2003, luke wrote:
>
> i have try many times.
> i got the same error message.
> ==
> perl Configure VC-WIN32
> .\ms\do_nt.bat
> nmake -f .\ms\nt.mak
>
> ps .net vc++(vc++ v7)
>
> .
> ui_compat.c
> cl /Fotmp32\krb5_asn.obj
, September 27, 2001 1:35 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Please help me!
Hello Ryan!
Thank you very much.
I have added the line in the Certificate Extensions section of my
openssl.cnf file:
crlDistributionPoints=URI:http://cert.vrn.ru/crl/main.crl
and then I made some
--- Original Message -
From: "Ryan Hurst" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 26, 2001 10:15 PM
Subject: RE: Please help me!
> Valery --
>
> This field in a certificate points to where the issuer will make its
> certificate revocat
Valery --
This field in a certificate points to where the issuer will make its
certificate revocation list available. If you are using OpenSSL or OpenCA
(based off of OpenSSL) to issue your certificates you will want to probably
put up a web server or LDAP capable directory where you can
¾ç½Â¸ð£¬ÄúºÃ£¡
Openssl>req -new -x509 -keyout ./demoCA/private/cakey.pem -out ./demoCA/cacert.pem
Openssl>req -out reqU.pem -keyout keyU.pem -new
Openssl>ca -policy policy_anything -out certU.pem -infiles reqU.pem
Openssl>pkcs12 -in certU.pem -inkey reqU.pem -certfile ./demoCA/cacert.pem -out
Hi,
in short:
using SSL you have two parts of encryption:
first a public/secret key system (asymmetric cryptographie) is used to
establish a connection and to agree for a common secret key.
When both parties have agreed to that common secret key (which is, in
short, encrypted with the public keys
24 matches
Mail list logo
