On Mon, Oct 23, 2017 at 6:47 PM, Kyle Hamilton wrote:
> Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
>
The ones I am aware of are available in
http://tools.ietf.org/html/draft-josefsson-pkix-newcurves.
Jeff
--
openssl-users mailing list
To unsubscribe: https://mt
Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
-Kyle H
On Mon, Oct 23, 2017 at 3:24 PM, Jakob Bohm wrote:
> On 21/10/2017 15:38, Codarren Velvindron wrote:
>>
>> https://tls13.crypto.mozilla.org is using : The connection to this site is
>> encrypted and authenticate
On 21/10/2017 15:38, Codarren Velvindron wrote:
https://tls13.crypto.mozilla.org is using : The connection to this
site is encrypted and authenticated using a strong protocol (TLS 1.3),
a strong key exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it possib
They are NOT using a 25519 certificate; it says “key exchange”
From: Codarren Velvindron
Date: Saturday, October 21, 2017 at 9:38 AM
To: Rich Salz , openssl-users
Subject: Re: [openssl-users] Generating CSR based on an x25519 public key
https://tls13.crypto.mozilla.org<ht
On Sat, Oct 21, 2017 at 9:38 AM, Codarren Velvindron
wrote:
> https://tls13.crypto.mozilla.org is using : The connection to this site is
> encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
> exchange (X25519), and a strong cipher (AES_128_GCM).
That's what Rich said: "X2
https://tls13.crypto.mozilla.org is using : The connection to this site is
encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it possible to generate a CSR through
Ed25519 ?
--
openssl-u
* How would we be able to achieve this? I have read somewhere on a 2016
mail in the archives that it is an "encrypt-only" algorithm and that is not
possible.
X25519 is a key-exchange-only algorithm. Ed25519 is a signing algorithm.
Unlike classic RSA, the signing and the key exchange are
Errata: I meant private key
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
How would we be able to achieve this? I have read somewhere on a 2016 mail
in the archives that it is an "encrypt-only" algorithm and that is not
possible.
But I have found many sites on let's encrypt already using this.
Does anyone know how to do this?
Thanks,
Codarren
--
openssl-user
> From: owner-openssl-us...@openssl.org On Behalf Of Jesse Keller
> Sent: Tuesday, 03 May, 2011 09:17
> I need to generate a CSR, but OpenSSL always crashes. What am I
doing wrong?
> c:\GnuWin32\bin>openssl genrsa -out switchvox.key 2048
> c:\GnuWin32\bin>openssl req
I need to generate a CSR, but OpenSSL always crashes. What am I doing wrong?
c:\GnuWin32\bin>openssl genrsa -out switchvox.key 2048
c:\GnuWin32\bin>openssl req -new -key switchvox.key -out switchvox.csr
-config ..\share\openssl.cnf
OpenSSL prompts me for the city, state, etc.
I fil
The rpm manager will only update if you install through rpm.
1.5 gb sounds absurd for a csr. Perhaps dump the beginning of
it to see if a particular field is incorrect.
[EMAIL PROTECTED] wrote on 09/11/2008 02:34:04 PM:
> I am running Red Hat Enterprise 5.2 with OpenSSL 0.9.8h. The
> version o
On Thu, Sep 11, 2008, Fink, David wrote:
>
> My problem is when I generate a csr, the csr file is over 1.5 GB.
> Needless to say I think my OpenSSL configuration is screwed up. By the
> way I am a noobie if you haven't already guessed.
>
There is a bug in 0.9.8h which affects certificate reque
I am running Red Hat Enterprise 5.2 with OpenSSL 0.9.8h. The version of
OpenSSL available for download from Red Hat Network was out of date so I
downloaded OpenSSL 0.9.8h from openssl.org and did a ./configure, make,
make install. Now, if I do a openssl version, it displays the correct
version, 0
thanks it is working fine now.
cheers
Rami
On Thu, Feb 21, 2008 at 6:17 PM, <[EMAIL PROTECTED]> wrote:
> Hello,
> > I want to get the CSR file to purchase an ssl certificate for securing
> SMTP on Sendmail,
> > OS=Redhat ES5 I ran the following:
> >
> > 1. to generate the private key: openssl g
Hello,
> I want to get the CSR file to purchase an ssl certificate for securing
SMTP on Sendmail,
> OS=Redhat ES5 I ran the following:
>
> 1. to generate the private key: openssl genrsa -des3 -out server.key
1024
> then i inserted my passphrase
>
> 2. to generate CSR: openssl req -key server.k
Hi,
I want to get the CSR file to purchase an ssl certificate for securing SMTP
on Sendmail, OS=Redhat ES5 I ran the following:
1. to generate the private key: *openssl genrsa -des3 -out server.key 1024*
then i inserted my passphrase
*2. *to generate CSR: *openssl req -key server.key -out serve
On Sun, Nov 16, 2003, Ñëåïíåâ Âëàäèìèð wrote:
> Thanks for the concise answer, although I had hoped for something more
> reassuring... Unfortunately, implementing a PKCS#11 interface to our
> card/applet, as well as writing an ENGINE or a Windows CSP for it, are
> all tasks a little out of our
Thanks for the concise answer, although I had hoped for something more
reassuring... Unfortunately, implementing a PKCS#11 interface to our
card/applet, as well as writing an ENGINE or a Windows CSP for it, are
all tasks a little out of our time frame for the project. And the
problem seems a ty
Can it be done?
thanks
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Julio Cesar de Melhado e Lima <[EMAIL PROTECTED]> writes:
> Hiya,
>
> I'm using ssl0.9.5a on Solaris 8.
> I want to create a RSA private key for my Apache server (will be Triple-DES encrypted
> and PEM formatted):
> But, when I ran the command :
>
> ./openssl genrsa -rand -des3 -out server.key
You need to have a source for the -rand flag.
My solution was to use egd and create a file of sufficent length full of
random data.
then the command line was:
openssl genrsa -rand -des3 1024 > server.key
or
openssl genrsa -rand -des3 -out server.key 1024
Hope that helps.
Travis Theune
* Juli
Hiya,
I'm using ssl0.9.5a on Solaris 8.
I want to create a RSA private key for my Apache server (will be Triple-DES encrypted
and PEM formatted):
But, when I ran the command :
./openssl genrsa -rand -des3 -out server.key 1024
I have the following error :
0 semi-random bytes loaded
Generating
Nicolas Aragon wrote:
>
> Hello,
>
> On 29 Jan 00, at 19:48, Merton Campbell Crockett wrote:
>
> > To date, I have not been able to generate a CSR that is acceptable to the
> > Netscape Certificate Server. All requests are rejected with a "bad DER
> > encoding" error.
>
> I had the same error
Hello,
On 29 Jan 00, at 19:48, Merton Campbell Crockett wrote:
> To date, I have not been able to generate a CSR that is acceptable to the
> Netscape Certificate Server. All requests are rejected with a "bad DER
> encoding" error.
I had the same error message from Navigator with a certificat
n 2000 19:35:05 -0800 (PST)
> From: Merton Campbell Crockett <[EMAIL PROTECTED]>
> To: mod_SSL Users List <[EMAIL PROTECTED]>
> Subject: Generating CSR for Netscape Certificate Server based CA
>
> I need to create a Certificate Signing Request for the DoD Certificate
> Au
AIL PROTECTED]>
To: mod_SSL Users List <[EMAIL PROTECTED]>
Subject: Generating CSR for Netscape Certificate Server based CA
I need to create a Certificate Signing Request for the DoD Certificate
Authority. DoD uses a Netscape Certificate Server to manage and sign its
certificates.
To date, I h
27 matches
Mail list logo
