Better fix your browser - there is a tiny patch which
allows MS IE to work with 128 bit strong encryption.
--- Konstantin Kladko <[EMAIL PROTECTED]> wrote:
> Folks -
>
> We are trying to use OpenSSL with an RSA signed SGC
> certificate and Win
> 98 40-bit IE browser,
>
Hi all,
I am using openssl to generate CSRs using the REQ app.
Is there any way that I can request SGC certificates? I tried to find some
reference to it but unfortunatly couldn't.
Thanks for your help,
Ori.
__
Op
rder to work.
> So this solution isn't good for me.
> Is there a way to get into the code and disable the SGC in openssl ?
>
> Can I solve the problem by using a server certificate that doesn't support
> SGC ?
>
Yes that will also work and it should be cheaper too.
that needs the
RC4-MD5 cipher in order to work.
So this solution isn't good for me.
Is there a way to get into the code and disable the SGC in openssl ?
Can I solve the problem by using a server certificate that doesn't support
SGC ?
Thanks,
Itai.
-Original Message-
From: Dr S N
Itai Levy wrote:
>
> Hi,
>
> I'm using a web server based on openssl 0.9.5.
> When I use a certificate which enables the use of SGC, I have a problem to
> connect with IE 5.01 browsers.
> I know that the reason for this is that there is a bug in the implementation
&g
Hi,
I'm using a web server based on openssl 0.9.5.
When I use a certificate which enables the use of SGC, I have a problem to
connect with IE 5.01 browsers.
I know that the reason for this is that there is a bug in the implementation
of SGC in IE 5.01.
I use the cipher group DEFAULT:!RC4-M
olaris 5.6 with Sun cc. I'm using a verisign SGC cert (i've checked this).
I've tried the following SSLCipherSuite settings
SSLEngine on
SSLProtocol all
#SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCipherSuite HIGH:MEDIUM
#SSLCipherSuite RC4:!EXP56:@S
Several things to check. First try to see what forms of SGC your
certificate supports. You can do this with:
openssl x509 -in sgcert.pem -text -noout
Look for the extended key usage extension and see whether it says
Netscape, MS SGC or both.
MSIE SGC was only supported in OpenSSL 0.9.5 and
gt; vijay karthik wrote:
> >
> > Hi !
> >
> > I am facing a problem while configuring Global
> server
> > certificate - SGC support !
> >
> > 1> I got a verisign Global Serv ID(for SGC) :
> gsid.crt
> > 2> specified the gsid.crt
e v1.3
FCWw5amrsw A- C+ D H+++ M+[servercoder] P+ R++ T+++ W Z++ Sm++
RLCT/M*/LW* a cl/u/v>+ !d e- f> h++ iwf+++ j p->+ sm++
End FurryCode v1.3
On Mon, 6 Mar 2000, vijay karthik wrote:
> Hi !
>
> I am facing a problem while configuring Global se
vijay karthik <[EMAIL PROTECTED]> writes:
> Hi !
>
> I am facing a problem while configuring Global server
> certificate - SGC support !
>
> 1> I got a verisign Global Serv ID(for SGC) : gsid.crt
> 2> specified the gsid.crt under SSLCertificateFile
> 3&
Hi !
I am facing a problem while configuring Global server
certificate - SGC support !
1> I got a verisign Global Serv ID(for SGC) : gsid.crt
2> specified the gsid.crt under SSLCertificateFile
3> specified the key file
4> Got the intermediate verisign CA root(gsid_ca.crt)
and s
HI!
I read the mod_ssl-README about Server Gated Cryptography / Global
Server IDs. Well, that seems interesting to me. I created a server cert
for a Notes/Domino Server 4.61 with X.509v3 attributes msSGC and nsSGC
set. But the Domino Server seems not to accept the certificate. Does
somebody has e
Rene G. Eberhard wrote:
>
> BTW: I'm looking for Berkeley DB 1.85 on Windows.
> Does anybody have the port?
>
When I checked ages ago a port was present in the Mozilla source
release. Its only hash database support and a bit of a hack but it seems
to be fairly stable.
If you find a full port t
- Original Message -
From: Dr Stephen Henson <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 26, 1999 12:43 AM
Subject: Re: How to create a cert with SGC?
> The US export regulations don't automatically allow SGC to work just
> because a c
I like to create a CA key/cert, and a end user key/cert
with SGC on. And then, I need to import the CA key/cert
into Communicator or Explorer, and put the end user key/cert
to Apache+mod_ssl server.
How do I create the certs with SGC on and import the CA cert
to a browser using openssl-0.9.4
In article <[EMAIL PROTECTED]> you wrote:
> I heard that openssl has implemented the server-gated
> crypto(SGC) or the step-up protocol
> for selectively enabling strong crypto. Any pointers
> as to which version has it and which files
> in the source code relate
hi all,
I heard that openssl has implemented the server-gated
crypto(SGC) or the step-up protocol
for selectively enabling strong crypto. Any pointers
as to which version has it and which files
in the source code relate to its implementation ?
thanks,
arun
18 matches
Mail list logo
