...@openssl.org]
On Behalf Of Jeffrey Walton
Sent: Sunday, May 25, 2014 9:28 PM
To: OpenSSL Users List
Subject: Re: SSL_CTX_use_PrivateKey_file
On Sun, May 25, 2014 at 11:39 AM, Viktor Dukhovni
wrote:
> On Sun, May 25, 2014 at 11:28:04AM -0400, Jeffrey Walton wrote:
>
>> >
On Sun, May 25, 2014 at 11:39 AM, Viktor Dukhovni
wrote:
> On Sun, May 25, 2014 at 11:28:04AM -0400, Jeffrey Walton wrote:
>
>> > sip_trp_ssl_ctx = SSL_CTX_new( TLSv1_method() );
>> > if ( sip_trp_ssl_ctx == NULL ) {
>> > ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method fa
ey.pem";
ssl_init_status FI_init_ssl_context (void)
{
SSL_CTX *sip_trp_ssl_ctx;
sip_trp_ssl_ctx = SSL_CTX_new( TLSv1_method() );
if ( sip_trp_ssl_ctx == NULL ) {
ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method failed");
return SSL_INIT_ERROR;
On Sun, May 25, 2014 at 11:28:04AM -0400, Jeffrey Walton wrote:
> > sip_trp_ssl_ctx = SSL_CTX_new( TLSv1_method() );
> > if ( sip_trp_ssl_ctx == NULL ) {
> > ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method failed");
> > return SSL_INIT_ERROR;
> > }
>
> Well,
gt; }
>
> if ( SSL_CTX_use_certificate_file(sip_trp_ssl_ctx_client,
> tls_cert_name,
> SSL_FILETYPE_PEM ) != 1 ) {
> ERROR("FI_init_ssl_context: SSL_CTX_use_certificate_file (client
SSL_FILETYPE_PEM ) != 1 ) {
ERROR("FI_init_ssl_context: SSL_CTX_use_certificate_file (client)
failed");
return SSL_INIT_ERROR;
}
if ( SSL_CTX_use_PrivateKey_file(sip_trp_ssl_ctx,
tls_key_name,
On 25/05/14 13:11, Mody, Darshan (Darshan) wrote:
> Hi,
>
>
>
> When I try to read the EC Private Key file I get an error from the
> openssl.
>
>
>
> Is there another way to use the Elliptic curved Private key. Please note
> that I generate the Public and Private keys via the command lin
Hi,
When I try to read the EC Private Key file I get an error from the openssl.
Is there another way to use the Elliptic curved Private key. Please note that I
generate the Public and Private keys via the command lines and use the
public-private key in my program
Thanks
Darshan
enssl-users@openssl.org
Subject: SSL_CTX_use_PrivateKey_file does not work with Elliptic Curve
Private Key
Hi,
I am new to openssl APIs. However I am using the current code from SIPp.
Below is the code snippet for the Private Key
if ( SSL_CTX_use_PrivateKey_file(sip_trp_ssl_ctx_c
On 19/05/14 14:12, Darshan Mody wrote:
> -BEGIN EC PARAMETERS-
>
> -END EC PARAMETERS-
> -BEGIN EC PRIVATE KEY-
>
> -END EC PRIVATE KEY-
>
> My Private key looks as above
How did you generate your private key?
Try deleting the EC PARAMETERS section in the fi
Hi,
I am new to openssl APIs. However I am using the current code from SIPp. Below
is the code snippet for the Private Key
if ( SSL_CTX_use_PrivateKey_file(sip_trp_ssl_ctx_client,
tls_key_name,
SSL_FILETYPE_PEM
On Wednesday, December 5, 2012, Ashok C wrote:
> Hi,
> Our current SSL server loads plain-text private keys using
the SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy
to use custom encrypted private keys using the TPM concept. For this, we
have an engine implemented. N
exponent and modulus are put in the EVP_PKEY).
From: Jeffrey Walton
To: openssl-users@openssl.org
Sent: Friday, December 7, 2012 4:52 PM
Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with
custom engine
On Fri, Dec 7, 2012 at 5:05 AM, LN wrote:
>
> ...
On Fri, Dec 7, 2012 at 5:05 AM, LN wrote:
>
> ...
>
>> MS CAPI has an option to mark a private key as "exportable" when you
>> create or install it, which means that the private key can then be read
>> anyway, but I don't know if that feature is used by the OpenSSL "CAPI
>> Engine". It is almost
On 12/07/2012 11:05 AM, LN wrote:
> I have a feeling it does so because I tried to save that returned
> EVP_PKEY to a PEM file with PEM_write_bio_PrivateKey and then to load it
> back from the same file with PEM_read_bio_PrivateKey.
> Saving worked, but loading failed (with some decoding error
ile encrypted
with a password, then keeping it in the windows store, if I want to pass it to
OpenSSL (through boost::asio::ssl) :)
From: Jakob Bohm
To: openssl-users@openssl.org
Sent: Thursday, December 6, 2012 12:23 PM
Subject: Re: How to over-ride SSL_CTX_u
On 12/6/2012 9:13 AM, LN wrote:
Hi,
Somehow related to private keys but about loading them with CAPI
engine... Does someone know if the ENGINE_load_private_key() for CAPI
engine returns the PUBLIC KEY ?
I have a feeling it does so because I tried to save that returned
EVP_PKEY to a PEM file wit
.
PEM_write_bio_PUBKEY and PEM_read_bio_PUBKEY worked with the returned EVP_PKEY.
Thanks!
From: Ashok C
To: openssl-users@openssl.org
Sent: Thursday, December 6, 2012 7:03 AM
Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with
custom engine
Thanks Steve and Kent for the pointers.
Makes things clear for now.
On Thu, Dec 6, 2012 at 4:22 AM, Dr. Stephen Henson wrote:
> On Wed, Dec 05, 2012, Ashok C wrote:
>
> > Hi,
> >
> > Our current SSL server loads plain-text private keys using the
> > SSL_CTX_use_Pr
On Wed, Dec 05, 2012, Ashok C wrote:
> Hi,
>
> Our current SSL server loads plain-text private keys using the
> SSL_CTX_use_PrivateKey_file()
> method. We are moving from this strategy to use custom encrypted private
> keys using the TPM concept. For this, we have an engin
Hi Ashok,
On Wed, Dec 5, 2012 at 12:29 AM, Ashok C wrote:
> Hi,
>
> Our current SSL server loads plain-text private keys using the
> SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy to
> use custom encrypted private keys using the TPM concept. For this, we h
On Tue, Feb 27, 2007 at 01:49:13AM -0800, Anita Kumar wrote:
> static int password_callback(char *buf, int size, int rwflag, void *userdata)
> {
> printf("*** Callback function called\n");
> strcpy(buf, "ibmdw");
> return 1;
> }
>
> SSL_CTX_set_default_passwd_cb(ctx, &password_callback);
>
callback);
if(!SSL_CTX_use_certificate_file(ctx, "signedcert_27.pem", SSL_FILETYPE_PEM))
{
ERR_print_errors_fp(stdout);
SSL_CTX_free(ctx);
return 0;
}
printf("\nLoading Private key...\n");
if(!SSL_CTX_use_PrivateKey_file(ctx, "cert_27.key", SSL_FILETYPE_PEM))
Hi,
When I load the private key, using SSL_CTX_use_PrivateKey_file
function, and I fail to enter the correct one, i get the following
output (actually, i loop three times to ask the user to reenter the
password).
How can i make these error lines not appear?
I use the password_cb function to
SSL_CTX_use_PrivateKey_file inturn uses stdio calls to read the key file. Since
i want to avoid using stdio calls, Is there any other way of getting the key
file to setup the context.
Similarly for SSL_CTX_use_certificate_chain_file.
Any help is appreciated.
Thanks
Vijay
On Fri, Jun 06, 2003, Terence Leung wrote:
> Dear sir,
> I am writing Visual C++ to create secure communication socket.
> But when I use the function SSL_CTX_use_PrivateKey_file(),
> it always prompt "Enter PEM pass phrase:" to input the pass phrase in the scre
You have private key protected by password. To solve this, type:
OpenSSL>rsa -in -out
?ukasz Wojcicki
e-mail: [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing
Dear sir,
I am writing Visual C++ to
create secure communication socket.
But when I use the function
SSL_CTX_use_PrivateKey_file(),
it always prompt "Enter
PEM pass phrase:" to input the pass phrase in the screen.
I want to
ask how can I modify the program s
On Wed, Jan 08, 2003 at 09:40:58AM -0800, Fisk, Kevin wrote:
> Okay. Right now, I call SSL_CTX_use_PrivateKey_file with the parameter
> SSL_FILETYPE_PEM. What do I pass for the type PK (first parameter) to
> pass this. Do I need to convert the PEM file before it can be passed as
&
Okay. Right now, I call SSL_CTX_use_PrivateKey_file with the parameter
SSL_FILETYPE_PEM. What do I pass for the type PK (first parameter) to
pass this. Do I need to convert the PEM file before it can be passed as
an ASN.1 certificate? I tried only passing the private key portion as a
string
On Tue, Jan 07, 2003 at 04:06:34PM -0800, Fisk, Kevin wrote:
> Is there any way to pass a string with the private key, instead of reading it from a
>file, such as read it from a database and pass it to the function, without writing it
>to disk?
Please look into SSL_CTX_use_PrivateKey_ASN1(), whi
Is there any way to pass a string with the private key, instead of reading it from a
file, such as read it from a database and pass it to the function, without writing it
to disk?
Kevin
__
OpenSSL Project
Hi,
I encountered the following problem:
STARTTLS=server, error:
SSL_CTX_use_PrivateKey_file(/etc/mail/certs/MYkey.pem) failed
anyone has any idea to overcome this problem?
Thank you.
__
OpenSSL Project
hello
I meet a problem when I develop program with openssl.
I was doing server program, and when I come to the function
SSL_CTX_use_PrivateKey_file(...),the program consumed 100% cpu ,and this
state
remains for almost 7 minutes and seems to be no end. I just closed it!
I
Try
/* set callback for passphrases on private key files */
SSL_CTX_set_default_passwd_cb( context, pem_passwd_cb);
before calling SSL_CTX_use_PrivateKey_file(), where pem_passwd_cb could
be for non-crypted private key files
/* callback for private key files passphrase */
static int
Hi,
can somebody help me out.
when i use the SSL_CTX_use_PrivateKey_file() function
in my client and server program,
both the server and client progarm asks on the
command prompt to
Enter PEM pass phrase:
I dont want the user to enter the pass phrase , how to
avoid this situation. Is
Hi,
can somebody help me out.
when i use the
SSL_CTX_use_PrivateKey_file() function in my client
and server program,
both the server and
client progarm asks on the command prompt to
Enter PEM pass
phrase:
I dont want the user
to enter the pass phrase , how to avoid this situation
I'm trying this on a certificate file that has a known and verified
private key and when it prompts me for the password, and I type it in,
it always fails. I'm not sure of the problem. I tried inserting
fprintf(stderr,"trace here\n"); statements and I get no output from
anywhere where it seems I
>Hmmm. Are you manually calling PKC5_pbe_set() and EVP_PBE_CipherInit()?
>You shouldn't have to. This kind of thing should be automatically
>handled by the PKCS#8 code when you call SSL_CTX_use_PrivateKey_file(),
Dear Dr. Henson
Of course you were correct, I was on a wrong tr
> This seems not to be doing the trick:
> "X509_ALGOR *alg = PKCS5_pbe_set(NID_pbeWithMD5AndDES_CBC, /*iter*/0,
> (unsigned char*)salt , saltlen);
> EVP_PBE_CipherInit(alg->algorithm, /*password*/"password",
> /*passwordlen*/8,alg->parameter, &ctx, 0);&
uot;X509_ALGOR *alg = PKCS5_pbe_set(NID_pbeWithMD5AndDES_CBC, /*iter*/0, (unsigned char*)salt , saltlen);
EVP_PBE_CipherInit(alg->algorithm, /*password*/"password", /*passwordlen*/8,alg->parameter, &ctx, 0);"
Because this is still failing,
"SSL_CTX_use_PrivateKey_file(m_pC
[EMAIL PROTECTED] wrote:
>
> Hello everybody
>
> I am new to working with openssl so this may seem like a stupid
> question, but I just can't seem to get past this problem.
>
> The error that I am getting is:
> 425:error:06074079:digital envelope
> routines:EVP_PBE_CipherInit:unknown pbe
> algo
e load the privatekey using SSL_CTX_use_PrivateKey_file() but earlier call to SSL_CTX_use_certificate_file() returns just fine.
The error that I am getting is:
425:error:06074079:digital envelope routines:EVP_PBE_CipherInit:unknown pbe algorithm:.crypto\evp\evp_pbe.c:89:Type=pbeWithMD5AndDes-CBC
I
SSL_CTX_use_PrivateKey_file() seems to fail for me. I am reasonably new
to this. Is there any kind of error stack or description that I can
look at?
If it makes a difference, I have gotten a class 3 certificate from verisign,
and I believe that it is in PEM format.
Any help would be
44 matches
Mail list logo
