Hello,
try this for generating the TSA-reply
openssl ts -reply -config openssl.cnf -section tsa_timestamp -queryfile
TSA-query -inkey ts.key -signer ts.crt -out TSA-reply
where ts.crt and ts.key are the timestamping certificate and private key
(without passphrase)
and TSA-query is the
Do you think OpenSSL is a game?
On 11.03.2013 22:02, kap...@mizera.cz wrote:
Thank you,
but this thread is about TS from real Certification Authority and
problem with attribute certificates.
--kapetr
Dne 11.3.2013 21:16, Walter H. napsal(a):
Hello,
try this for generating the TSA-reply
Hello,
I have the following:
---
name = ASN1:SEQUENCE:section
[ section ]
value.1 = XXX:text
---
what is possible to have instead of XXX?
Thanks,
Walter
smime.p7s
Description: S/MIME Cryptographic Signature
Thanks,
Walter
On 28.02.2013 12:03, Erwann Abalea wrote:
man asn1parse
man ASN1_generate_nconf
That should give you some bootstrap information.
--
Erwann ABALEA
-
tridécatabulophobie: peur d'être treize à table
Le 28/02/2013 11:16, Walter H. a écrit :
Hello,
I have the following
On 15.02.2013 07:42, Walter H. wrote:
On Fri, February 15, 2013 07:07, Matthew Hall wrote:
On Fri, Feb 15, 2013 at 07:03:20AM +0100, Walter H. wrote:
Hello,
can someone, please tell me, how to generate a certificate
that conforms to http://www.ietf.org/rfc/rfc3739.txt (RFC 3739)
Thanks
Hello,
can someone, please tell me, how to generate a certificate
that conforms to http://www.ietf.org/rfc/rfc3739.txt (RFC 3739)
Thanks,
Walter
__
OpenSSL Project http://www.openssl.org
User
On Fri, February 15, 2013 07:07, Matthew Hall wrote:
On Fri, Feb 15, 2013 at 07:03:20AM +0100, Walter H. wrote:
Hello,
can someone, please tell me, how to generate a certificate
that conforms to http://www.ietf.org/rfc/rfc3739.txt (RFC 3739)
Thanks,
Walter
Hi Walter,
We could help
Hello,
can someone please tell me the correct syntax and/or give me an example of
using NID id-pda-dateOfBirth
when requesting a certificate by calling
openssl req -config openssl.cnf -new -key cert.key -subj
/.../id-pda-dateOfBirth=? -out cert.csr
must there be something special in the
On Wed, February 6, 2013 23:47, Thomas Koeller wrote:
bash-4.0$ openssl verify -x509_strict -CAfile cacert/root_ca.pem -purpose
sslserver cacert/host_ca.pem
cacert/host_ca.pem: C = DE, ST = Hamburg, O = K\C3\B6ller Family, OU =
K\C3\B6ller Family Certification Authority, CN = K\C3\B6ller
Hi
On 02.02.2013 23:55, Alexander Hollerith wrote:
The php openssl library implements a function named openssl_csr_sign() and
inside that function one can find the following line:
X509_gmtime_adj(X509_get_notAfter(new_cert), (long)60*60*24*num_days);
This obviously provokes an
My config is :
OS : centos 6
OpenSSL : openssl-1.0.0-20.el6_2.5.x86_64
My commands are :
oppenssl smime -sign -in myfile -signer mycertif.pem -inkey mykey.pem |
openssl smime -out signedfile -from m...@me.me -to t...@to.to -subject
mysubject -encrypt -des3 myencryption.pem
sendmail
Hello,
is there an openssl RPM package with version 0.9.8 or better for CentOS 4.x?
(upgrade to CentOS 5.x or 6.x is impossible)
Thanks,
Walter
smime.p7s
Description: S/MIME Cryptographic Signature
Hello,
why does the following makefile not succeed?
all: pckdCRL.zip
.SUFFIXES:
.SUFFIXES: .text .pem .crl
.pem.crl:
openssl crl -in $ -outform der -out $@
.pem.text:
openssl crl -noout -text -in $ $@
pckdCRL.zip: rootCRL.pem rootCRL.crl rootCRL.text
zip -9 -j pckdCRL.zip
Hallo,
https://pki-tutorial.readthedocs.org/en/latest/cadb.html
- Serial number files ...
what is the CRL number file?
where can I configure this?
Thanks,
Walter
On Mon, December 17, 2012 15:23, Stefan H. Holek wrote:
Hi All!
I have been working on an OpenSSL PKI tutorial, and the time has
Dr. Stephen Henson wrote:
On Wed, Dec 12, 2012, Walter H. wrote:
Hello,
when using
openssl ocsp ...
in a CGI skript, you must use -noverify
because without, this creates the line
Response verify OK
neither /dev/null nor 21 file nor 21 /dev/null, let this line
disappear
so this shoots
Salz, Rich wrote:
neither /dev/null nor 21 file nor 21 /dev/null, let this line
disappear
Redirections happen left-to-right. So do this:
/dev/null 21
left-to-right? outer-to-inner, I understand;
Or the simpler
2/dev/nul
ok
Thanks,
Walter
Hello,
when using
openssl ocsp ...
in a CGI skript, you must use -noverify
because without, this creates the line
Response verify OK
neither /dev/null nor 21 file nor 21 /dev/null, let this line
disappear
so this shoots either a 500 page or an invalid OCSP response is sent,
which results
Hello,
I have created a self signed root CA certificate, and two other CA
certificate, that I signed with this self signed root certificate;
and these SubCA certificates are used for signing requests;
with the root CA I signed also a certificate, with the purpose of
signing OCSP Responder;
101 - 118 of 118 matches
Mail list logo