> From: Steven_M.irc
> Sent: Thursday, November 24, 2022 21:21
> > This is not true in the general case. There are applications which are
> > available on Linux which do not use the
> > distribution's package manager. There are applications which use their own
> > OpenSSL build, possibly link
Steven_M.irc via openssl-users wrote:
> Hi Michael, Thanks very much for replying to my e-mail/post. I
> apologize for the lateness of my reply.
>> This is not true in the general case. There are applications which are
>> available on Linux which do not use the distribution's pack
On Friday, 25 November 2022 05:21:00 CET, Steven_M.irc via openssl-users
wrote:
Hi Michael,
Thanks very much for replying to my e-mail/post. I apologize
for the lateness of my reply.
This is not true in the general case. There are applications
which are available on Linux which do not use the
ers-boun...@openssl.org On Behalf Of Michael
>
> Wojcik via openssl-users
> Sent: Monday, November 21, 2022 4:18 PM
> To: openssl-users@openssl.org
> Subject: Re: Upgrading OpenSSL on Windows 10
>
> > From: openssl-users openssl-users-boun...@openssl.org on behalf of
&
Hi Michael,
Thanks very much for replying to my e-mail/post. I apologize for the lateness
of my reply.
> This is not true in the general case. There are applications which are
> available on Linux which do not use the distribution's package manager. There
> are applications which use their own
enssl-users@openssl.org
Subject: Re: Upgrading OpenSSL on Windows 10
> From: openssl-users on behalf of
> Steven_M.irc via openssl-users
> Sent: Monday, November 21, 2022 15:56
> However, I am running Windows 10, and since (unlike Linux) every piece
> of software outside of Win
> From: openssl-users on behalf of
> Steven_M.irc via openssl-users
> Sent: Monday, November 21, 2022 15:56
> However, I am running Windows 10, and since (unlike Linux) every piece of
> software outside of Windows itself
> needs to be updated individually, I don't know how to track down every
Hi All,
A few weeks ago I sent this e-mail to the group:
https://mta.openssl.org/pipermail/openssl-users/2022-November/015613.html I
received a couple of replies, but sadly I have been too busy to respond to
them. Regardless, I need a bit more information please.
In one of the replies, Viktor s
On 20/10/2021 10:57, Kumar Mishra, Sanjeev wrote:
Hi,
I am upgrading the code from OpenSSL 1.0.1 to 3.0. I am getting
following compilation errors. Could you please suggest appropriate
changes for following-
1. X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); error
Hi,
I am upgrading the code from OpenSSL 1.0.1 to 3.0. I am getting following
compilation errors. Could you please suggest appropriate changes for following-
1. X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); error:
'X509err' was not declared in this scope
2.
Corrected the typo
From: Paramashivaiah, Sunil
Sent: Tuesday, August 17, 2021 3:48 PM
To: openssl-users@openssl.org
Cc: Bhattacharjee, Debapriyo (c)
Subject: Replacing DES_ede3_cbc_encrypt with EVP API's for upgrading to openssl
3.0
Hi All,
I am trying to upgrad
Hi All,
I am trying to upgrade over application to use openssl 3.0 from
openssl 1.0.2.
I am trying to replace DES_ede3_cbc_encrypt with EVP API's as
below.
DES_ede3_cbc_encrypt accepts 3 keys got from des_key_sched.
But for same thing t
On 11/08/2021 08:16, Paramashivaiah, Sunil wrote:
Hi All,
In our application we are using MD5_CBLOCK, SHA_CBLOCK, SHA256_CBLOCK,
SHA512_CBLOCK macros which are deprecated in openssl 3.0.
We are trying upgrade our application from using openssl
1.0.2 to openssl 3.0.
Hi All,
In our application we are using MD5_CBLOCK, SHA_CBLOCK, SHA256_CBLOCK,
SHA512_CBLOCK macros which are deprecated in openssl 3.0.
We are trying upgrade our application from using openssl 1.0.2 to
openssl 3.0.
Can we use EVP_MAX_BLOCK_LENGTH to replace all these
On 13/11/2019 09:22, Umamaheswari Nagarajan wrote:
> The following apis seems to be unavailable or modified in 1.1.1c,
>
> ENGINE_cleanup
This still exists, but was converted from a function to a macro that
does nothing. You no longer need to call it. OpenSSL 1.1.0+ cleans
itself up automatica
Hi,
We are upgrading the openSSL version from 1.0.2j to 1.1.1c in our product.
The following apis seems to be unavailable or modified in 1.1.1c,
ENGINE_cleanup
RAND_cleanup
CRYPTO_lock
RSA_PKCS1_SSLeay
DH_get_ex_new_index
DSA_get_ex_new_index
RSA_get_ex_new_index
Please advise on the
Hi All,
I am facinmg issue while upgrading my OpenSSL version from 1.0.2p to 1.1.1c.
I am facing the issue where "ENGINE_by_id("capi")" is not returning proper
pointer. I want to access windows certificate store with certificate and keys.
Snippet of my working code in 1.0
Thanks Michael,
I am using *ssleay_rand_add* function which was present in earlier version
of openssl
https://code.woboq.org/crypto/openssl/crypto/rand/md_rand.c.html#ssleay_rand_add
I don't find this file or function in latest version of openssl.
As I understood recommended way is to use engine
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Chitrang Srivastava
> Sent: Tuesday, April 16, 2019 08:24
> I need suggestion regarding random number interface , earlier we were using
> RAND_METHOD.
That's a mechanism for telling OpenSSL what mechanism to use fo
Hi,
I am trying to upgrade openssl for my embedded OS platform. The one we
currently use is pretty old i.e. *OpenSSL 0.9.6a * , but porting to
Openssl 1.1.1b works fine.
I need suggestion regarding random number interface , earlier we were
using RAND_METHOD.
Can I still use the same mechanism?
On Tuesday, 2 April 2019 15:02:29 CEST Srinivasan T wrote:
> Hi Team,
>
> Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along
> with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there
> are no updates available / backported in CentOS 7.6 mirrors beyond
> opens
Hi Team,
Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along
with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there
are no updates available / backported in CentOS 7.6 mirrors beyond
openssl-1.0.2k.
Can we upgrade OpenSSL to 1.0.2r (for CVE fixes)? Is it rig
In message on Thu, 16 Nov
2017 17:59 + (GMT Standard Time), "Angus Robertson - Magenta Systems Ltd"
said:
angus> I'm updating our Delphi SSL code to support 1.1.1 in addition to 1.0.2
angus> and 1.1.0, common code with a few version checks. This is using Windows
angus> 10.
angus>
angus>
I'm updating our Delphi SSL code to support 1.1.1 in addition to 1.0.2
and 1.1.0, common code with a few version checks. This is using Windows
10.
With 1.1.1, SSL connections fail to initialise, failing with the first
BIO_read after setting up the context and BIOs. There is no real error
(I can
Awesome, I sit corrected in this case. :)
In any case, though, it's generally best to plan to recompile. (Who says
that TLS 1.4 will be able to be implemented in a binary compatible
manner?) And even with this news, it is certainly a requirement that the
original poster must plan to replace the
> On Apr 3, 2017, at 8:42 PM, Kyle Hamilton wrote:
>
>
> In other words, it is very unlikely that TLS 1.3 can be implemented
> in a binary-compatible manner. It is best if you plan to recompile
> your application against the version of the library that implements
> TLS 1.3.
Unlikely or not, t
Every new version of TLS requires code to be written. Sometimes it can be
implemented in a binary compatible manner, and in those situations you can
get the implementation of a new TLS version by simply replacing a DLL or
equivalent dynamic library. However, it's much more likely that the
impleme
> On Apr 3, 2017, at 5:58 PM, Benjamin Kaduk via openssl-users
> wrote:
>
>> I have an query regarding TLS compatibility used in my application.
>> Currently we are using TLS1.2 to connect to a third party sever. Is there
>> any way to always use the highest TLS available version without modi
On 04/03/2017 04:42 AM, Hegde, Harsha wrote:
>
> Hi,
>
> I have an query regarding TLS compatibility used in my application.
> Currently we are using TLS1.2 to connect to a third party sever. Is
> there any way to always use the highest TLS available version without
> modifying or recompiling the a
Hi,
I have an query regarding TLS compatibility used in my application. Currently
we are using TLS1.2 to connect to a third party sever. Is there any way to
always use the highest TLS available version without modifying or recompiling
the application code whenever there is any new version of TLS
Hi,
Thanks for the reply.
We are using the openssl library with nginx to serve traffic in a
multi-tenanted reverse proxy environment. We made no changes to our nginx
config/build outside of upgrading to openssl 1.0.2.
Currently, all servers are running openssl 1.0.1p except for a couple of
On 20/03/16 03:15, Andrew Payne wrote:
> Hello,
>
> My company is in the process of upgrading from openssl 1.0.1 to openssl
> 1.0.2. We noticed that when we use any version of openssl 1.0.2 we have
> an extremely high increase in memory usage. Around 15 or more gigs of
>
Hello,
My company is in the process of upgrading from openssl 1.0.1 to openssl
1.0.2. We noticed that when we use any version of openssl 1.0.2 we have an
extremely high increase in memory usage. Around 15 or more gigs of memory
extra are consumed.
My questions are as follows:
Are there any
> In openssl-1.0.1/fips-2.0 it is not possible to call the low-level APIs when
> in FIPS 140-2 mode. Is there another alternative that I can use? E.g. some
> API in the FIPS module?
Sorry, no.
--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz
Hi,
I'm in the process of upgrading from openssl-0.9.8/fips-1.2 to
openssl-1.0.1/fips-2.0. Our system can be built both with and without the fips
module. Furthermore, it can be built in a limited feature set configuration (no
fips). The limited feature set config only calls low-level op
This is almost certainly belongs in -users only, but if I restrict reply it
looks unanswered.
> From: owner-openssl-us...@openssl.org On Behalf Of Nayna Jain
> Sent: Thursday, July 31, 2014 17:37
> We got one of our openssl version upgraded to openssl 1.0.1e version.
> But after that I am facing
On Fri, Aug 1, 2014 at 3:07 AM, Nayna Jain wrote:
>
> Hi all,
>
> We got one of our openssl version upgraded to openssl 1.0.1e version.
> But after that I am facing this error at client side.
>
> error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
>
> But I am not sure why is it giv
Hi all,
We got one of our openssl version upgraded to openssl 1.0.1e version.
But after that I am facing this error at client side.
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
But I am not sure why is it giving wrong version number as both client and
server has SSLv3 conne
Hi All,
I have recently upgraded my openssl version from 0.9.8l to 0.9.8za. But
after this I am not able to do ssh to my box which is in fips mode. No
issues with non fips mode.
Before upgrade it was worked fine in fips mode too.
Current version : OpenSSH_5.1p1, OpenSSL 0.9.8za-fips 5 Jun 2014
First of all, what system are you using?
_
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of
laxminarayana.ganes...@maersk.com
Sent: Tuesday, April 15, 2014 1:40 AM
To: openssl-users@openssl.org
Subject: help upgrading to 1.0.1g
Hi Team
Hi Team,
Please provide me steps to download and upgrade to 1.0.1g.
Thanks in advance
Regards,
LaxmiNarayana
System Specialist, MDS - Operations
Maersk Drilling IT
Maersk Drilling, Maersk FPSOs, Maersk Supply Service
A.P. Moller - Maersk A/S
286/1, Prince Infocity, 7th Floor, Old Mahabalipuram ro
Thanks Luke appreciate the feedback!!
Brad Finkeldei
Luke Carpenter
Sent by: owner-openssl-us...@openssl.org
04/24/2012 02:36 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Re: Upgrading OPENSSL
I would not advise attempting that, Apache is
I would not advise attempting that, Apache is compiled against a version of
OpenSSL, and simply swapping out the binaries Indiana-Jones style will
probably land you with a segfault
>From a preliminary search, it looks like you will need to re-compile the
Apache module mod_ssl against a later versi
I have installed Apache HTTP Server with OpenSSL 0.9.8t (MSI Installer)
>From the Apache.org Site.
Here is the file I downloaded and installed:
httpd-2.2.22-win32-x86-openssl-0.9.8t.msi
I want to upgrade OpenSSL on that machine without having to upgrade Apache
too.
How do I do that? step by
On Tue, Nov 09, 2010 at 01:31:40PM -0500, josh kirbey wrote:
> Thanks Viktor for your quick response. Even I am contesting the unnecessary
> usage of 3072 bit sized key.
>
> Surprisingly, in the given scenario, if I write this line of code before
> modifying the certificate it works like a charm.
Thanks Viktor for your quick response. Even I am contesting the unnecessary
usage of 3072 bit sized key.
Surprisingly, in the given scenario, if I write this line of code before
modifying the certificate it works like a charm.
pkcs7 = PKCS7_dup(pkcs7);
Below is the flow of APIs
1) pkcs7 = PKCS7_d
On Tue, Nov 09, 2010 at 11:42:14AM -0500, josh kirbey wrote:
> Hi All,
>
> We are required to upgrade the sizes of private/public key pairs to 3072
> bits from 1024 bits.
Welcome to bureaucratic insanity. There is no rational basis for
this requirement. Even 2048 bits is excessively conservative
Hi All,
We are required to upgrade the sizes of private/public key pairs to 3072
bits from 1024 bits.
We have two main data structures, X509Stack and PKCS7. We fill these two
structures at the initialization by reading the PEM files on disk.
During the upgrade process, I pick the X509stack and pi
I am starting from a working Axis2c 1.6 / OpenSSL 0.9.8l configuration on
Win 2008 R2 server. I am using a debug build and the Windows CRTDBG flags
to chase a memory leak of 40K per request, and am hoping that an upgrade to
OpenSSL 1.0 will get me out of this spot... I'm so close I can taste it
Baig, Attaullah wrote:
> Please help am I missing something
You are most likely not using the correct header files.
Some constants changed.
--
Arno Garrels
>
> Baig
__
OpenSSL Project http://www.
Please help am I missing something
Baig
Kyle Hamilton wrote:
The 1.2.0-test tarball IS NOT FIPS VALIDATED. You cannot make a
FIPS-validated module from it.
...
The 1.2.0-test tarball can be used to test the functionality of the
fully-validated 1.2.0 module, thus making it possible to build and
test and debug your application -- but
The 1.2.0-test tarball IS NOT FIPS VALIDATED. You cannot make a
FIPS-validated module from it.
When the 1.2.0 validation occurs, it will be announced here, the
certificate will be posted on the NIST's website, the full validated
tarball will be made available, and the certificate's Administration
thanx a lot and it worked but when i generated the HMAC-SHA-1 hash its
different from the one given in the security policy document .actually i
have installed the openssl-fips-test-1.2.0 and the security policy document
"OPENSSL FIPS 140-2 Secuirty Policy versin 1.1.2" Appendix B shows valu
On Fri, Jul 18, 2008, rabail javed wrote:
> Hi Bill,
> I have installed the openssl-fips-test-1.2.0 using the following commands
>
> ./config fipscanisterbuild
> make
> make install
>
>
> and the libraray is installed in the /usr/local/ssl and i have generated
> tehe fipscanister.o, fipscaniste
>
>
> The "make depend" is only required if options selected during config
> require it. A message will appear at the end of the config if it is needed.
>
>
>
> Bill
> --
>
> *From:* [EMAIL PROTECTED] [mailto:
> [EMAIL PROTECTED] *On Behalf Of *rabail
.
Bill
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of rabail javed
Sent: June 27, 2008 9:53 AM
To: openssl-users@openssl.org
Cc: James Erskine; Rifaat Shekh-Yusef
Subject: Re: upgrading openssl 0.9.8b to openssl-fips-1.1.1
Thanx a lot Bill, but if i wou
lf Of *rabail javed
> *Sent:* June 26, 2008 4:23 PM
> *To:* openssl-users@openssl.org
> *Cc:* James Erskine; Rifaat Shekh-Yusef
> *Subject:* upgrading openssl 0.9.8b to openssl-fips-1.1.1
>
>
>
> Hi ,
>
> I am upgrading the openssl 0.9.8b to openssl-fips-1.1.1. For
rabail javed
Sent: June 26, 2008 4:23 PM
To: openssl-users@openssl.org
Cc: James Erskine; Rifaat Shekh-Yusef
Subject: upgrading openssl 0.9.8b to openssl-fips-1.1.1
Hi ,
I am upgrading the openssl 0.9.8b to openssl-fips-1.1.1. For doing this
i need to delete the previous version and install the
Hi ,
I am upgrading the openssl 0.9.8b to openssl-fips-1.1.1. For doing this i
need to delete the previous version and install the newer version according
the instructions specified in
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp733.pdf
By default all the files(bin, include
Hi all!
I've recently been put in charge of SSL, and I'm working my way through the
O'Reilly book.
However, I'm a bit stumped as to this problem.
I tried to upgrade our build system to use OpenSSL 0.9.8g, and thought I
succeeded.
However, the code is blowing up. The code is for caching sessi
In message <[EMAIL PROTECTED]> on Thu, 5 Jan 2006 11:37:40 -0500, Dan Peacock
<[EMAIL PROTECTED]> said:
bluedanunit> We have an application that is currently using OpenSSL
bluedanunit> 0.9.6c in conjunction with an Apache server. We've been
bluedanunit> told we should upgrade the libaries to 0.
Good Morning.
New user, please bear with.
We have an application that is currently using OpenSSL 0.9.6c in
conjunction with an Apache server. We've been told we should upgrade
the libaries to 0.9.6k or higher in order to plug the known holes with
this version of OpenSSL. I obtained the 0.9.8a
HelloIt's a nice-looking RHL 8 system with version openssl-0.9.6b-29. Needs to be upgraded to latest version.
A note on www.openssl.org
http://www.openssl.org/support/faq.html#BUILD8
The above refers to a "RHL 7.0 and later"1. Anybody knows the best way to do an "upgrade" of openssl w/o brea
We've been successfully using OpenSSL 0.9.6x for quite a number of revisions and have had no problems upgrading from one version to the next.However after upgrading to 0.9.6k we are getting this"SSL3_CHECK_CERT_AND_ALGORITHM:missing export tmp rsa key" error fromour clients w
enssl.
However, your time might be better spent upgrading to a newer version of
Linux.
-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [
the majority of people think it is.
> -Original Message-
> From: Francisco Javier Martinez Martinez
> [mailto:[EMAIL PROTECTED]
> Sent: 12 June 2003 14:20
> To: [EMAIL PROTECTED]
> Subject: RE: Upgrading to the lastest version, what happends with my
> Apach e-Mod_SSL?
>
artinez Martinez
> [mailto:[EMAIL PROTECTED]
> Sent: 12 June 2003 08:01
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Upgrading to the lastest version, what happends with my
> Apache-Mod_SSL?
>
>
> Hello.
>
> I want to upgrade the Op
rtinez Martinez
> [mailto:[EMAIL PROTECTED]
> Sent: 12 June 2003 08:01
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Upgrading to the lastest version, what happends with my
> Apache-Mod_SSL?
>
>
> Hello.
>
> I want to upgrade
n is:
It is necessary once I had upgraded the OpenSSL to recompile my Apache so
the mod_ssl could be linked to the new libraries of the OpenSSL or only
with upgrading the openssl is the work done?
Thanks in advance. Reg
In message <[EMAIL PROTECTED]> on Mon, 10 Mar 2003 14:42:08 -0500, Vinson Armstead -
PA <[EMAIL PROTECTED]> said:
Vinson_Armstead> Also, what is the difference between the "engine" and
Vinson_Armstead> "non-engine" source and which do I need?
The "engine" variant of the 0.9.6 series supports ext
Title: RE: upgrading from 0.9.6b to 0.9.7a & 0.9.6i engine
Thanks for the reply
Also, what is the difference between the "engine" and "non-engine" source and which do I need?
thanks again
Vinson
-Original Message-
From: Richard Levitte - VM
In message <[EMAIL PROTECTED]> on Mon, 10 Mar 2003 13:24:10 -0500, Vinson Armstead -
PA <[EMAIL PROTECTED]> said:
Vinson_Armstead> I need some suggestions for upgrading from 9.6b to
Vinson_Armstead> the latest/greatest version of OpenSSL.
Vinson_Armstead>
Vinson_Armstead>
But John...it will break them *how*? What are the error messages? I mean,
it *really* works for me. The OpenSSL site being down, I take the liberty
to quote the FAQ for 0.9.7:
> What is special about OpenSSL on Redhat?
> Red Hat Linux (release 7.0 and later) include a preinstalled limited
> vers
the problem
> exist.
>
> Then I read a workaround that I must build openssh --with-pam, and I did
> that. It's work!
>
> But why? Why do I need to use 'pam' after upgrading? Should I recompile
> all applications with 'pam' ?
Just means that OpenSSH ch
applications?
I tried with openssh, I removed ssh* in /usr/local/etc/ /usr/local/sbin /usr/local/bin,
recompiled, make install again. But still, the problem exist.
Then I read a workaround that I must build openssh --with-pam, and I did that. It's
work!
But why? Why do I need to use 'pam'
Hi,
I made this little guide to help for upgrading openssl on RedHat 7.3.
Please if you find any errors / corrections, just let me know.
Thanks to "David Tonhofer, m-plify S.A." <[EMAIL PROTECTED]>
Regards,
kapot
Upgrading OPENSSL on RedHat 7
Hi,
I made this little guide to help for upgrading openssl on RedHat 7.3.
Please if you find any errors / corrections, just let me know.
Thanks to "David Tonhofer, m-plify S.A." <[EMAIL PROTECTED]>
Regards,
kapot
Upgrading OPENSSL on RedHat 7
yal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
Reality TV - the ultimate oxymoron
> -Original Message-
> From: Info [mailto:[EMAIL PROTECTED]]
> Sent: 18 September 2002 20:07
[EMAIL PROTECTED]
Reality TV - the ultimate oxymoron
> -Original Message-
> From: Info [mailto:[EMAIL PROTECTED]]
> Sent: 18 September 2002 20:07
> To: [EMAIL PROTECTED]
> Subject: upgrading
>
>
> I am running a redhat 7.2 box with openssl version of
> o
I am running a redhat 7.2 box with openssl version of openssl-0.9.6b-28. I
found a package openssl-0.9.6c-2.i386 , rawhide 1.0 for i386. Can i download
and and upgrade the present package with the rpm -Uvh packagename command?
Will it break the deps?
thanks
__
On Thu, Aug 29, 2002 at 10:32:46AM +0200, Vaclav Ovsik wrote:
> On Thu, Aug 29, 2002 at 05:21:39PM +1000, Reddie, Steven wrote:
> > We have some code that was working with OpenSSL 0.9.6d this morning. Now
> > that I've upgraded to 0.9.6g it's failing.
> >
> > OBJ_txt2nid("2.5.29.17") is now retu
On Thu, Aug 29, 2002 at 05:21:39PM +1000, Reddie, Steven wrote:
> We have some code that was working with OpenSSL 0.9.6d this morning. Now
> that I've upgraded to 0.9.6g it's failing.
>
> OBJ_txt2nid("2.5.29.17") is now returning 0 instead of the expected 85
> (NID_subject_alt_name).
>
> OBJ_ni
We have some code that was working with OpenSSL 0.9.6d this morning. Now
that I've upgraded to 0.9.6g it's failing.
OBJ_txt2nid("2.5.29.17") is now returning 0 instead of the expected 85
(NID_subject_alt_name).
OBJ_nid2sn(NID_subject_alt_name) does return "subjectAltName".
It seems that the ma
sr/local/ssl. I configure with..
./Configure shared threads linux-elf
make
make install
Be sure to configure with shared threads
- Original Message -
From: "Glynn S. Condez" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 14, 2002 1:55 AM
Subject: Re:
?
glynn
- Original Message -
From: "Adam Lewis" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 13, 2002 10:19 PM
Subject: Re: Upgrading openssl
> Thanks. Makes sense. That's been on my mind for quite some time.
>
pt.so.1 => /lib/libcrypt.so.1 (0x40043000)
libc.so.6 => /lib/i686/libc.so.6 (0x4200)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
__SNIP__
- Original Message -
From: "Mark H. Wood" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tu
I just checked, and here Apache and OpenSSH both link to the shared
OpenSSL libraries. If yours were also linked with the shared libraries,
then a new patch release should just drop in. You'll need to exit and
restart sshd and httpd before they'll start using the new libraries,
though.
If you h
else experienced this problem when upgrading openssl
to a new version on a system that has pre-existing certificates? Should I
really be worried, or is something else causing my colleagues problems?
Thanks.
Regards,
Steve Romero
PS - the ingredients I've used in my build include:
+ Solaris
In Makefile.ssl I find the following:
@if [ -n "$(SHARED_LIBS)" ]; then \
tmp="$(SHARED_LIBS)"; \
for i in $${tmp:-x}; \
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
Hi all...
Before upgrading, one of my virtual domains (ip
based) had SSL setup and was working fine. The second domain did not
work. The error was odd according to people in IRC support channels, and I
was told to upgrade to all of the latest versions.
I did that.
Now when I try to
Hello,
I have a big problem which I can't solve, so I hope some good soul will
help me.
I upgraded Apache 1.3.9 with mod_ssl module 2.4.8 to apache-1.3.12 with
mod_ssl-2.6.5 (openssl-0.9.5a). The certificates were generated by old
openssl (0.9.4). The problem is:
When I start the server it g
This post is just for the error tracking...
A am running (Apache/1.3.11 Ben-SSL/1.38) and the change from OpenSSL-0.9.4
to OpenSSL-0.9.5 was uneventful. I'm not sure if I needed to recompile
Apache or not in order to fully use the new OpenSSL package.
Cheers,
- Bennett
__
On Tue, Feb 29, 2000 at 01:08:39AM -0500, Peter Avalos wrote:
> After upgrading from OpenSSL 0.9.4 to 0.9.5, I get this error when trying to
> start apache:
> [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
>
> I can't find any informat
94 matches
Mail list logo
