Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

2012-12-06 Thread LN
Hi, Somehow related to private keys but about loading them with CAPI engine... Does someone know if the ENGINE_load_private_key() for CAPI engine returns the PUBLIC KEY? I have a feeling it does so because I tried to save that returned EVP_PKEY to a PEM file with PEM_write_bio_PrivateKey and

Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Ralph Holz
Good day, I was using openssl verify as described in the Pastebin link to validate a cert, using a custom root store indicated with the -CAfile option. The custom root store contains a Comodo root, the cert to be validated is signed by Equifax. The expected result would be for that check to fail.

Re: [openssl-users] Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Erwann Abalea
Hello, See apps/apps.c, function setup_verify. It receives 2 arguments CAfile and CApath. Each one is processed independently, and if either one is NULL, its corresponding default is used. -- Erwann ABALEA On 06/12/2012 10:38, Ralph Holz wrote: Good day, I was using openssl verify as

Re: [openssl-users] Openssl not properly validating certificates?

2012-12-06 Thread Jakob Bohm
On 12/5/2012 6:44 PM, Will Nordmeyer wrote: On Wed, Dec 5, 2012 at 12:18 PM, Jakob Bohm wrote: On 12/5/2012 5:30 PM, Will Nordmeyer wrote: On Wed, Dec 5, 2012 at 11:22 AM, Dr. Stephen Henson wrote: On Wed, Dec 05, 2012, Will Nordmeyer wrote: On Wed, Dec 5, 2012 at 10:47 AM, Dr. Stephen H

Re: [openssl-users] Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Ralph Holz
Hi, > See apps/apps.c, function setup_verify. It receives 2 arguments CAfile > and CApath. > Each one is processed independently, and if either one is NULL, its > corresponding default is used. > Thanks for the quick reply. The openssl docs at http://www.openssl.org/docs/apps/verify.html say:

Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

2012-12-06 Thread Jakob Bohm
On 12/6/2012 9:13 AM, LN wrote: Hi, Somehow related to private keys but about loading them with CAPI engine... Does someone know if the ENGINE_load_private_key() for CAPI engine returns the PUBLIC KEY ? I have a feeling it does so because I tried to save that returned EVP_PKEY to a PEM file wit

Re: openssl rsa command

2012-12-06 Thread Dr. Stephen Henson
On Thu, Dec 06, 2012, Christian Hohnstaedt wrote: > On Wed, Dec 05, 2012 at 10:38:59AM -0800, Alex Chen wrote: > > I am trying to change the password of a private key with 'openssl rsa' > > command. The original key file, server.key.enc has the following format: > > -BEGIN ENCRYPTED PRIVATE

Re: [openssl-users] Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Chris Palmer
On Thu, Dec 6, 2012 at 2:16 AM, Ralph Holz wrote: > -CAfile fileA file of trusted certificates. > > "The lookup first looks in the list of untrusted certificates and if no > match is found the remaining lookups are from the trusted certificates. > The root CA is always looked up in the truste

Re: [openssl-users] Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Erwann Abalea
There's the same behaviour with -CAfile. If -CAfile isn't specified, then the default platform CA file is used (by default, /usr/lib/ssl/cert.pem). This is true for verify, ocsp, smime, and cms. I personally don't think it's unexpected for the openssl app. I'd even like it to be extended to ot

Issue with 1.0.1

2012-12-06 Thread Baker, Darryl
This might be better coming from the Ubuntu OpenSSL maintainer but I'm having an issue which the only current suggested fix/workaround is to downgrade to 1.0.0. I have a website I am monitoring and the tool uses the CURL library which in turn uses the OpenSSL library. While all the browsers I'v

Re: [openssl-users] Possible bug in verifying a certificate if default root store is configured

2012-12-06 Thread Chris Palmer
On Thu, Dec 6, 2012 at 12:00 PM, Erwann Abalea wrote: > There's the same behaviour with -CAfile. If -CAfile isn't specified, then > the default platform CA file is used (by default, /usr/lib/ssl/cert.pem). > This is true for verify, ocsp, smime, and cms. Oh, right. New diff attached. verify.po

RE: Issue with 1.0.1

2012-12-06 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Baker, Darryl >Sent: Thursday, 06 December, 2012 14:45 >I have a website I am monitoring and the tool uses the CURL library >which in turn uses the OpenSSL library. While all the browsers I've >tried accept the certificate OpenSSL does not. The