[no subject]

https://mta.openssl.org/pipermail/openssl-users/attachments/20211109/b5cd5f1e/attachment-0001.html

[no subject]

[no subject]

[no subject]

[no subject]

Hello I was wondering how to migrate to a provider for Openssl 3.0 an engine for openssl 1.0.2 that was simply defining on an RSA_METHOD structure the method for modular exponentiation for RSA and getting call parameters from RSA_get_ex_data(), in order then to use an hw accelerator. Other methods

[no subject]

Hi #define of BIOerr and BUFerr is deprecated in openssl3.0 # ifndef OPENSSL_NO_DEPRECATED_3_0 #define BIOerr(f, r) ERR_raise_data(ERR_LIB_BIO, (r), NULL) # define BUFerr(f, r) ERR_raise_data(ERR_LIB_BUF, (r), NULL) #endif The BIOerr and BUFerr are used in the code something like below BIOerr

[no subject]

Hi, I am building Nginx application with openssl-3.0.0, i have added below code in main function of nginx application to load fips provider, OSSL_PROVIDER *fips; OSSL_PROVIDER *base; fips = OSSL_PROVIDER_load(NULL, "fips"); if (fips == NULL) { printf("Failed to

[no subject]

Hi, How to verify if the application is using fips provider from openssl-3.0.0 ( similar to fips_mode() api in openssl-fips-2.0.16) and does fips provider do run time check and through error if application using non fips ciphers. Regards, Nagarjun

[no subject]

[no subject]

[no subject]

[no subject]

[no subject]

Hi, After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with SCTP as transport. OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h. We have our own custom SCTP implementation (also implements custom BIO METHODS, do not use the default methods), so we need to remove the

[openssl-users] (no subject)

Get Outlook for Android -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

Hi, Trying to get the Openssl command line version of the following snippet. I have tried this openssl dgst -sha256 -sign my_private.key -out /tmp/sign.sha256 codeTosign.txt But the the results do not match ? ``` From: "tim.fortinbras" To: openssl-users@openssl.org Cc: Bcc: Date: Tue, 31 Jul

[openssl-users] (no subject)

-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

Gesendet von Mail für Windows 10 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

Gesendet von Mail für Windows 10 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

Gesendet von Mail für Windows 10 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

import rlcompleter import readline readline.parse_and_bind("tab: complete") -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

Gesendet von Mail für Windows 10 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] (no subject)

On 27/06/17 01:05, Neetish Pathak wrote: > Hi , > > 1) I am working with a client and server program and want to use > ECDHE-ECDSA type ciphers. > I see that default Elliptic curve group supported is X25519. (when I > check client and server logs on wireshark) > I wish to generate a self-signed

[openssl-users] (no subject)

Hi , 1) I am working with a client and server program and want to use ECDHE-ECDSA type ciphers. I see that default Elliptic curve group supported is X25519. (when I check client and server logs on wireshark) I wish to generate a self-signed certificate for X25519 curve. But I am unable to do that

[openssl-users] (no subject)

Nguyễn Văn Công.pdf -- Nguyễn Văn Công -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

>From russellb...@gmail.com Fri Feb 17 09:50:52 MST 2017 to: openssl-users-requ...@openssl.org subject: set digest set digest -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] (no subject)

On Fri, Aug 26, 2016 at 6:56 PM, Juliano Souza wrote: > I just found it. > > Hope to help someone with same requirement. > > http://www.cafesoft.com/products/cams/ps/docs32/admin/ConfiguringApache2ForSSLTLSMutualAuthentication.html > There's also Origin Bound Certificates (OCB), http://www.czeski

Re: [openssl-users] (no subject)

I just found it. Hope to help someone with same requirement. http://www.cafesoft.com/products/cams/ps/docs32/admin/ConfiguringApache2ForSSLTLSMutualAuthentication.html 2016-08-26 17:16 GMT-03:00 Juliano Souza : > Hi! > > > > In order to authenticate users without user and password, I’d like to

[openssl-users] (no subject)

Hi! In order to authenticate users without user and password, I’d like to generate users .p12 .pfx certificates to install on their browsers and identify them by CN. Is there any howto or tutorial explaining some of... 1-Generate my own CA 2-Generate users .p12 / .pfx certs ? 3-In apache

[openssl-users] (no subject)

We are using session resumption with openssl, and to support that we are storing sessions in a file. On the server side the allowed TLS version can be configured and server admin can change it. It can be changed for example to allow only TLS 1.2. The problem is that if the client has SSL sessi

[openssl-users] (no subject)

WHAT ROBERTO Y MARIBEL ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] (no subject)

confirm ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[no subject]

Hi All: Now I want to create a certificate chain by myself. It will looks like as below: Server Certificate -> Intermediate CA -> Root CA. Now I am using openssl command to create these certificate files. # Create CA openssl genrsa -out ca.key 4096 openssl req -new -x509 -nodes -sha1 -days 1825

[no subject]

[no subject]

Hi, We had a product which generate RSA/MD5 certificate. Now I'm working on a custom openssl engine. The goal is to generate X509 certificate with some new signature/digest algorithms. With engine, we do not need to re-code too much. Now we can generate and sign certificate, but X509_verify() fai

[no subject]

Please remove from this mailing list. Thanks.

[no subject]

Hello. I have this problem whith ssl.dev This function: *SMIME_read_PKCS7* Return the error message when encryption is obtained from a digital certificate of 1024 bits and a text of more than 392 characters: *4618:error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data:a_d2i_fp.c

[no subject]

I’m trying to understand some code someone wrote as a wrapper for the openssl library / tool, with a view to updating it. I'm completely new to openssl and PKI in general. I found the following docs / references to help navigate but I wasn't able to find answer to my question. http://users.dcc.uc

[no subject]

Is there way to get some 3rd party documentation about advanced configuration of ssl. I need to 1) Get rid from linkage b75d6000-b75e6000 r-xp 08:03 54611 /lib/i386-linux-gnu/i686/cmov/libresolv-2.13.so b75e6000-b75e7000 r--p 0001 08:03 54611 /lib/i386-linux-gnu/i686/cmov/libresolv-2.1

[no subject]

I saw the message below which indicates that as of 9/2011 CMS_verify does not support RSA_PKCS1_PSS_PADDING. Has this been fixed since then? I have a CMS on a secure ID card which uses PSS. If this is not fixed, I could send the CMS if that would be useful. I also have some experience with the ope

[no subject]

从三星手机发送

[no subject]

Is there an SSL command that can be used to display CA cert information extracted from the certificate path associated with a cert?

[no subject]

> We know how to extract the subject and issuer from a cert sent by a peer. > Can anyone point out where we get started to look into how to extract > the Organization and organizationalUnit attributes? > It’s not obvious from the API definitions and I’ve been searching > the openssl-users archive b

Re: (no subject): SSL Configuration

On Wed, Jul 25, 2012 at 4:15 PM, Tom Browder wrote: > On Wed, Jul 25, 2012 at 3:40 PM, Ted Byers wrote: >> On Wed, Jul 25, 2012 at 4:03 PM, Tom Browder wrote: ... >> Thanks. Let me know when I can take a look at yor script. I'd also like to >> hear about how you harden your servers. > > Roger-

Re: (no subject): SSL Configuration

On Wed, Jul 25, 2012 at 3:40 PM, Ted Byers wrote: ... > On Wed, Jul 25, 2012 at 4:03 PM, Tom Browder wrote: ... >> I will provide the user passwords for the client certs. to my >> intermediate helpers via the USPO and the individual client >> certificates via e-mail. The users have to get their

Re: (no subject): SSL Configuration

On Wed, Jul 25, 2012 at 4:03 PM, Tom Browder wrote: > On Wed, Jul 25, 2012 at 12:49 PM, Ted Byers wrote: > > Hi All > > Hi, Ted. I, too, have been looking for something like you have. I am > in the process of creating a Perl program that may be able to help you > (for at least part of your req

Re: (no subject): SSL Configuration

On Wed, Jul 25, 2012 at 12:49 PM, Ted Byers wrote: > Hi All Hi, Ted. I, too, have been looking for something like you have. I am in the process of creating a Perl program that may be able to help you (for at least part of your requirements), but I first can point you to one of the most current

[no subject]

Hi All I just subscribed to this list. I have some familiarity with openssl having used it to generate self signed keys for testing secured web applications (on Apache 2.2), prior to deployment, at which time my colleagues would buy a server certificate from one of the usual CAs, such as GoDaddy.

[no subject]

Hi, crypto guys! I have problem with EVP_PKEY_decrypt() function and 4K RSA private key decrypting data encrypted with EVP_PKEY_encrypt() and corresponding public key. Keys generated using openssl CA shell script. EVP_PKEY_decrypt() just returns -2 saying that this key is not supported. BUT! RSA

[no subject]

http://dev.igd.tw/jeancouk/wp-content/uploads/2012/01/jrklre.html";> http://dev.igd.tw/jeancouk/wp-content/uploads/2012/01/jrklre.html

Re: No Subject

What do you think strlen(in) will return? You are mixing up variable length C strings (nul terminated) with binary data - always pass the true data length Carl On Thu 29/03/12 12:58 PM , "Chandrasekhar" chandrasek...@evolute-sys.com sent: > Hi , > > I am new to this openssl libraries. > > I

[no subject]

Hi , I am new to this openssl libraries. I am facing a issue in the below code. When I encrypt, it is giving all zeroes as output. And when I decrypt I am not getting the exact message. Please, I need help in this. #define BUFSIZE 1024 int main(int argc, char *argv[]) {

[no subject]

Hi All, We are using Openssl in one of our product. The version we are using is openssl-0.9.7l. We want to know the TLS version implemented in this version of openssl. I gone through some of the documents and found the version is TLS 1.0. I wanted to confirm this with you people whether this is

[no subject]

http://capitolbird.org/mas5.html __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

[no subject]

Hello, brothers and sisters help me. See attached for details. I use Windows 7 64bit OS on ASRock Motherboard, MinGW-5.1.6 + MSYS-1.0.11, msysDTK-1.0.1, other windows platform requirements for squid, squid-2.7.STABLE8, and also squid-2.7.STABLE9 it gives stack.o error, Win64OpenSSL_light-1_0_0a fr

[no subject]

dear all, i am using openssl 0.9.8.e in M$ and compile in MSYS. i just want to encrypt a string and then decrypt later. for the encryption, it is always ok. but for decryption, it failed randomly. the word "randomly" means that for some cases, the decryption is ok, but for other cases, it fail

[no subject]

Best Regards Rabia Alklany System Analyst & Software Project Manager Shamir Optical Industry Ltd. | Kibbutz Shamir Upper Galilee, 12135 Israel T: (972) 4-690-1362 | M: (972) 50-5914543 | F: (972) 4-695-1302 www.shamir.co.il This mail was sent vi

(no subject)

__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org

(no subject)

__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org

[no subject]

Hi, I'm trying to use indirect CRLs in my application. I cannot figure out how to get the CRL signer's cert to be verified though. I keep getting "CRL path validation error" I do something like this: cs_ctx = X509_STORE_CTX_new(); if (!cs_ctx) { error="malloc error";

[no subject]

list __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org

[no subject]

Hello, i have a question regarding openssl decryption/encryption. First, im new to openssl and not really familiar with the underlaying technology, key algorithms and so on. I have searched the web for a long time, but i cant find a suitable solution to solve my problem. So if the information i

[no subject]

hello, If there is a large file, I want to use BIO_read to read it to buff[4096] in a loop, but i found it start from the second loop, BIO_read from the file begining. I use BIO_seek to solve it. But it not work. Is there any good suggestion ? Thank you _

[no subject]

Greetings. I have recently done some testing with OpenSSL versions 0.9.8i and 0.9.8j. Basically, the application is opening 10,000 connections between a client and server on the same Linux machine. I've noticed quite a difference in memory utilization when monitered with the Linux top comma

[no subject]

Hi all, I am working on some code that takes an existing EC Private Key stored in a PEM file and uses it to create a digital signature. In my code the call I make to read the private key continues to return a NULL pointer. I perform the call as such: pkey = PEM_read_PrivateKey(keyFile, NUL

[no subject]

Can anyone tell me what version of OpenSSL works with my environment? OS: OpenVMS v7.2-1 IP Stack: Multinet v5.0 Thanks, Jim Chicago, IL __ OpenSSL Project http://www.openssl.org User Support

[no subject]

__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org

[no subject]

I may be overlooking the documentation but I can't seem to find a definitive answer. Does the latest version of Openssl implement TLS v1.2? Thanks.

[no subject]

Good morning. I need help to renew licences which are used for connections of OpenVPN servers using OpenSSL All are due. The question is: If ending this time of the certificate How do I create another certificate without losing the VPN connection? According to the manual to create a certificat

[no subject]

hi ,recently i have a problem with openssl lib. i want use ECC lib,but find there is not enough information in it .for example this function add,i can not find it . can anyone help me? thanks

[no subject]

Hi all, Iam new to the community.I have a query regarding encyption methods in SSL. Is it possibile to use some custom built encryption algorithm(apart from those it supports) with SSL? If possible, How can we do it? Thanks Ramakrishna.

[no subject]

Dear All; When I compiled openssl-0.9.8g on VDSP and run \demos\ssl\cli.cpp .And I tried to connect https://www.gmail.com .At that time I saw client sent client hello and server sent server hello successfully. But After that Client is not sending MASTER_KEY message.

[no subject]

User Support Mailing List

[no subject]

auth 2a705f37 subscribe openssl-users [EMAIL PROTECTED]

[no subject]

Hi I’m upgrading my system from Openssl version 9.6.d to Openssl version 9.8.a. I’m experiencing some problems when I’m “playing” server, For example accepting an incoming call or even accessing my system via HTTPS causes the system to get stuck. After some investigation I figured out that I

[no subject]

Hi Please remove from the mailing list K. Suresh K. Suresh HOD, Dept of Computer Science Sri Vasavi Engineering College Tadepalligudem - Looking for last minute shopping deals? Find them fast with Yahoo! Search.

[no subject]

Hello all, Hoping someone can help me here. I have this function that I use to do DES and Base64 encryption/encoding/decryption/decoding. When it links against libcrypto.0.9 it works fine. However when I rebuild it against libcrypto.0.9.7 it doesn't work. It encrypts but when I got to

[no subject]

Hi, I'm building a program for the YMCA I work at that needs to retrieve an ODBC username and password from a server. I doubt anyone would try to sniff the data however for completion's sake I would like to implement an SSL connection between my client and my server. However if I take this o

[no subject]

Hello; I have compiled the source code from the version OpenSSL 0.9.8e. Now I am trying to use the libraries generated in the following program portion : RSA *rsa=NULL; RSA *ConstructedRSA = NULL; unsigned char *pvk_buf, *p ; int pvk_len; ERR_load_crypto_strings(

[no subject]

How how I delete any post [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

[no subject]

Hello All, I have a question concerning SSL shutdown procedure. I build a SSL server which accepts sslv2, sslv3 and tlsv1 method. I work in asynchronous mode. Whenever I want to end a SSL session, I use SSL_shutdown API, then SSL_free of my SSL object, then the close of the socket, which is I th

[no subject]

Im lost on how to bring in Certs from Network Solutions.. Im trying to get TLS running TRUSTED. My OS redhat..and one of the problems TLS is working from inside to out but anyone replying command unknown STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3, verify=FAIL, cipher

[no subject]

Im lost on how to bring in Certs from Network Solutions.. Im trying to get TLS running TRUSTED. My OS redhat..and one of the problems TLS is working from inside to out but anyone replying command unknown STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3, verify=FAIL, cipher=

[no subject]

Hi all, Someone of you can tell me how can I extract public and private keys from RSA structure returned by the function "RSA_generate_key"? I'm using openssl in my c++ simulation work and I must exchange public keys between simulated server and client, I cannot exchange the whole RSA structure

[no subject]

In message <[EMAIL PROTECTED]> on Mon, 12 Feb 2007 11:34:22 +0100, "Michael Leuchtner" <[EMAIL PROTECTED]> said: mleuchtner> The request to the MS CA needs the "enroll certtype extension" (OID mleuchtner> 1.3.6.1.4.1.311.20.2) where I put the name of the certificate template mleuchtner> in. mleu

[no subject]

Hello! I'm developing an application for requesting certificates at a Microsoft CA. I use the openssl libraries to bulid my certificate request. The request to the MS CA needs the "enroll certtype extension" (OID 1.3.6.1.4.1.311.20.2) where I put the name of the certificate template in. I've alre

[no subject]

Hello ! This will probably look like a dumb question, but anyway. Is there any provision and way, in SSL and/or HTTP, to establish a SSL link without trying to assert anything about the server identity? Such that a client (a web browser) would happily use the encrypted tunnel while obvi

[no subject]

Hi I got the three certificates from the CA authority (Signed by VeriSign). I am trying to sign these 3 certificates with my local CA.I am able to sign successfully the signed certificate from VeriSign. But for the intermediate and root certificate of Verisign it is throwing the error(Check that t

[no subject]

Hi all I am using the OpenSSL version 0.9.8d I am facing problem while using c_rehash script on powerpc(linux kernel 2.6.10-WR1.2ci_gpp). I have cross compiled Openssl for PowerPC. While creating the symbolic links for certificates by using c_rehash. I am getting following warning. c_rehash is no

[no subject]

How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates.

[no subject]

Hello, I try to install openssl-0.9.7i onto Cygwin 5.6.xxx. Windows XP SP2 French The ./config command aborts with the following error DES_PTR used DES_RISC1 used DES_UNROLL used BN_LLONG mode RC4_INDEX mode RC4_CHUNK is undefined 'make' n'est pas reconnu en tant que commande interne ou externe, u

[no subject]

I'm looking to generate a short digital signature, perhaps 192 bits or so, using an asymmetrical algorithm. DSA seems to have 320 bit signatures regardless of the key size used. Is this really the case, or am I missing something? Ignoring for the moment the wisdom of using signatures this short

[no subject]

Hello, I am tring to use X509_ATTRIBUTE in X.509 attribute certificate, but I am not undestand it usage. So, I use X509_ATTRIBUTE_create function for create attribute, but this work only for simple ASN.1 types (INTEGER, for example). Creatation of attributes of ASN1_SEQUENCE type raise segfault on

[no subject]

Hi, All I just recently started working with SSL. Unfortunately, the online documentation is not quite complete as I expected. Maybe I am just not looking at the right place. If so, can someone point me to some tutorials that are good for new comers? I downloaded some sample code. One thing

[no subject]

Hi, I am using Non Blocking sockets, and would like to know the behaviour wrt SSL_renegotiation. Once I make a call to do_handshake, as the FD is non blocking it will return immediately with a success, but from the application's point of view how will it come to know that the renegotiation in thro

[no subject]

Hi All, someone knows what does mean : "PEM_read_bio: no start line" when server calls the function (for CA file) :SSL_CTX_load_verify_locations() ? I'm using openssl-0.9.7d Thanks&Regards Maddalena __ OpenSSL Pro

[no subject]

hi,here: I have a problem in using openssl. We want to develop a mobile ipv6 system with aaa support.So I choose opendiamter as our base and I choose openssl to support ssl security. And I want to know are: did openssl support ipv6? Did openssl support mobile ipv6? If so, do I need other conf

[no subject]

hi,everyone:    I have a problem in using openssl. We  want to develop a mobile ipv6 system with aaa support.So  I choose opendiamter as our base and I choose openssl to support ssl security. And I want to know are: did openssl support ipv6? Did openssl support mobile ipv6? If so, do I need o

[no subject]

What do I need to do to use OpenSSL on a hosting account?Life is that which you make of it! Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone.

[no subject]

Hi. I have such problem. The client side need to get certificate from server side. But there is no possibility to generate a certificate request on client. So the server have to do it by itself. Client send all the required data for creating request except private key of key pair!Server is assu

[no subject]

In message <[EMAIL PROTECTED]> on Fri, 05 Nov 2004 15:51:36 +0200, <[EMAIL PROTECTED]> said: andrea> one silly question: if I generate a request with andrea> andrea> openssl req -new -keyout mykey.pem -out myreq.pem 265 andrea> andrea> the private key in mykey.pem is encrypted or not? It's enc

  1   2   3   >