Hi all,
I am programmatically generating the self signed certificate and need to
specify the "Not Before" and "Not After" date,
Wanted to understand what all formats are acceptable by this API ?
Also, similarly while using API , what exactly is the time format
expected by X509_cmp_time(X509_ge
private key with which certificate was signed, or
the public key which this certificate signs.
Sorry, I think I am still bit not clear on purpose of the API.
Thanks & Regards,
Nayna Jain
From: Viktor Dukhovni
To: openssl-us...@openssl.org, openssl-dev@openssl.org
Date: 06/22/2015 08:0
Thanks Victor,
I want to match the certificate with the private key for whose public key
that certificate is provided.
If this verifies who signed the certificate, then how do I verify whether
the certificate provided is for the private key which was generated,
Thanks & Regards,
Nayna
Hi,
I am trying to verify X509 certificate against two private keys such that
atleast one of them it should match.
I used the API as
X509_verify(x509, pkey) where pkey is of EVP_PKEY type
However, for one of the private key it is failing with error "block type is
not 01"// And this key is s
Hi,
Thanks Victor, I am going to try these..
I have similar concern for private key.
If I have a pem file with private key in that, how do I check if that is
RSA/DSA ?
Thanks & Regards,
Nayna Jain
From: Viktor Dukhovni
To: openssl-us...@openssl.org, openssl-dev@openssl.org
Date:
Hi all,
I am using X509_STORE and X509_LOOKUP to verify the certificate and its
chain.
But at the end when I do X509_STORE_free(store) and X509_LOOKUP_free
(lookup), it is also doing free of the X509* certificate which I added.
But I don't want that, because after that when I immediately try to
PEM APIs. or there are DER specific APIs also, I
didn't find though, unless they are d2i_xxx types.
Thanks & Regards,
Nayna Jain
From: Viktor Dukhovni
To: openssl-us...@openssl.org
Date: 06/09/2015 10:34 AM
Subject:Re: [openssl-users] Is there openssl API to verify ce
Hi,
I need to verify if the certifiate I have received is having its content in
PEM/DER format.
Is there any API which if given file pointer like (fp) will tell me whether
it has valid format of certificate and if yes then whether it is PEM/DER
format ?
If no API, then what is the other way to
Ok, I think this is what I didn't know. I was using openssl 1.0.1g client.
I still didn't have openssl 1.0.2 .
Thanks..
Thanks & Regards,
Nayna Jain
From: "Salz, Rich"
To: "openssl-dev@openssl.org"
Date: 05/22/2015 09:31 PM
Subject:Re: [op
Hi Hubert,
Thanks..
I tried the command you mentioned i.e.
openssl s_client -connect hostname:443 -cipher EDH /dev/null |
grep 'Server Temp Key'
But it didn't output anything.
Thanks & Regards,
Nayna Jain
From: Hubert Kario
To: openssl-dev@openssl.org
Cc: N
Hi,
With the latest logjam attack, as I was trying to verify if my server
(lighttpd) accepts DHE_xxx ciphers, I saw that it accepted and I didn't
do any configuration setting done for DH parameters explicitly.
But I couldn't verify what is the key length did it use by default
512/1024/2048 ?
& Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
reason comes is as - it as mismatch issue between server and client SSL
connection either protocol or certificates like that..
Thanks & Regards,
Nayna Jain
From: Brad House
To: openssl-dev@openssl.org,
Date: 04/21/2014 04:48 PM
Subject:Re: SSL negotiation failed: error:
couldn't get much information.
Since the error seems to be too much code level, sending it to openssl dev
group also, along with openssl users group.
Thanks & Regards,
Nayna Jain
__
OpenSS
loaded by default ?
Thanks & Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Man
error. earliar I was getting "Digest
to big in size for rsa"
Can someone please explain this ?
Thanks & Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Developmen
& Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
rror ?
If possible, also if someone can explain that how SSLv23 is able to
handshake with both TLSv1_2 related APIs as well as SSLv3 related APIs.
Thanks & Regards,
Nayna Jain
__
OpenSSL Project
18 matches
Mail list logo