Jakob Grießmann wrote:
>
> Hello,
>
> does anyone have a howto on how to generate a self-signed extended
> validation certificate, or on how to set-up my own CA for local use
> that gives out EVN certificates?
>
> I know how to do this for normal certificates, but was unable to find
> more det
Tinyca is the best others are also available like LuaCrypto you can go for it
but I like Tinyca.
-
https://www.thesslstore.com/ SSL Certificates
https://www.thesslstore.com/thawte.aspx Thawte SSL
https://www.thesslstore.com/extended-validation-ssl-certificates.aspx EV SSL
--
View this m
If an application uses OpenSSL and doesn't set the Cipher suites explicitly,
1. Does it use the Openssl default cipher suite listed by "openssl ciphers -v"
2. As the default cipher suite contains export Cipher suites also, is there a
chance of application using one among the export cipher suite
Sorry, I forgot to mention that c-client library/API is part of IMAP-2009
library (http://www.panda.com/imap/)
I am using IMAP library, which in turn using OpenSSL.
I am re-posting my last post here.
The IMAP(2009) c-client library/API does its own socket I/O for non-SSL
sessions, but in SSL the
Mark wrote:
> I may be making a wrong assumption but if the cypher used is a block
> cypher does it not wait until a full block of data is ready before it
> can encrypt and send the data? If a message does not consist of enough
> data to fill a block, could there be unencrypted data left in a bu
Parimal Das wrote:
> The IMAP(2009) c-client library/API does its own socket I/O for
> non-SSL sessions, but in SSL the socket I/O is delegated to OpenSSL.
> When c-client does its own socket I/O, it sets a timeout (normally
> 15 seconds) on a select() call prior to doing any read() or write()
> c
Hi all
I'm working with ID-based signature (SHAMIR 84) and I create a struct
as below:
struct sign
{
BIGNUM *s;
BIGNUM *d;
}
How do I export this key into
a file in a PEM format??
Thanks in advance
__
OpenSSL Project
*Good Morning, Achint!*
I think that you have to options, or you change your application, or your
openssl.
To you change your openssl, see this :
http://groups.google.com.br/group/mailing.openssl.dev/browse_thread/thread/65b27a723255435e/eb5dcb25ab57d737?lnk=gst&q=MARIHOFFART#eb5dcb25ab57d737
*
2009/10/29 David Schwartz :
>
> Daniel Marschall:
>
>> Hello.
>>
>> I am not searching bugs in my code. I have a certificate and a CRL.
>> And the functionality -issuer_checks is buggy. My cert and CRL have
>> exactky the same DN as issuer.
>
> What is the bug then? All you've reported so far is:
On Fri, Oct 30, 2009 at 02:50:55PM +0530, achint dudhwala wrote:
> 3. How can we configure the application for not using the export
> cipher suites.
If the application supports a configurable cipher list, use:
DEFAULT:!EXPORT:!LOW:!SSLv2
unless you need to support pre-historic SSL peers
Ahh, that explains it. Thanks for looking into it.
My code only uses a store for verification. It is Perl glue developed
in-house. Perhaps we would be willing to donate it to contrib. It is a more
complete set of bindings to libcrypto than other modules on CPAN.
The documentation on iCRLs w
We have successful deployed a FIPS build of OpenSSL 0.9.7m w/zlib compression
on Windows clients and linux servers in stunnel. Now we want to upgrade to a
FIPS build of 0.9.8k. We are running into a couple of issues. Here are my two
questions:
1. Should a 0.9.7m build work with a 0.9.
On Fri, Oct 30, 2009, Daniel Marschall wrote:
>
> >
> > 2) When you enable informational messages, you get accurate informational
> > messages.
>
> Please tell me, why it isn't a bug! I don't understand it. In my case
> and also in the uncleared case of Helga Krause, the CRL was issued by
> Pers
On Fri, Oct 30, 2009, Adam Rosenstein wrote:
> Ahh, that explains it. Thanks for looking into it.
>
> The documentation on iCRLs was a little cryptic to me. It said that no
> lookup methods were used (?). Now you say the store is also not used. How
> do I get the iCRL into the verification pr
> > Ahh, that explains it. Thanks for looking into it.
> >
> > The documentation on iCRLs was a little cryptic to me. It said that no
> > lookup methods were used (?). Now you say the store is also not used.
> How
> > do I get the iCRL into the verification process? Also, does the current
> > 1
2009/10/30 Dr. Stephen Henson :
> On Fri, Oct 30, 2009, Daniel Marschall wrote:
>
>>
>> >
>> > 2) When you enable informational messages, you get accurate informational
>> > messages.
>>
>> Please tell me, why it isn't a bug! I don't understand it. In my case
>> and also in the uncleared case of He
Hello,
Im tring to run a client/server application. Server is on Linux, and client in
on z/OS. Application will run for a couple of seconds, and then will receive
the following errors on the server side.
[r...@esa26_37 sles11]# HERESSL_accept() handshake error, dirty.
SSL_ERRO
On Fri, Oct 30, 2009, Daniel Marschall wrote:
> 2009/10/30 Dr. Stephen Henson :
> > On Fri, Oct 30, 2009, Daniel Marschall wrote:
> >
> >>
> >> >
> >> > 2) When you enable informational messages, you get accurate informational
> >> > messages.
> >>
> >> Please tell me, why it isn't a bug! I don't
On Fri, Oct 30, 2009, Dr. Stephen Henson wrote:
> On Fri, Oct 30, 2009, Daniel Marschall wrote:
>
> > 2009/10/30 Dr. Stephen Henson :
> > > On Fri, Oct 30, 2009, Daniel Marschall wrote:
> > >
> > >>
> > >> >
> > >> > 2) When you enable informational messages, you get accurate
> > >> > informatio
We have in apps/
in x509.c
print_name(STDout, "issuer= ",
X509_get_issuer_name(x), nmflag);
in crl.c
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
nmflag);
In order to make a fair change that will potentially hurt everyone, I
propos
Hi All,
In our environment a secure server creates Private/Public RSA keys.
We Can never access the Private key but we are able to access the Public
Key.
The command BN_num_bytes(rsa_public_key->e) returns the size of the
exponent part of the public key, and it is 3 bytes. "10001".
Could this be
Hi Bizhan,
> The command BN_num_bytes(rsa_public_key->e) returns the size
> of the exponent part of the public key, and it is 3 bytes. "10001".
> Could this be a valid value?
Yes. Typical values are 3, 17, and 65535.
> We have a system that requires public key exponent to be 4 bytes,
> could I pa
22 matches
Mail list logo
