SSL FTP Client for Windows NT
I need a SSL FTP client for windows has anyone seen one around? Or even better.. Has anyone heard of an OpenSSL Windows NT dll with a Delphi header file? I would settle for a Windows DLL with a C++ header file, pref for Borland C++ Builder. thanks, Margaret Margaret Avis.vcf
RE: OpenSSL & FTP client
Have a look at : ftp://ftp.psy.uq.oz.au:/pub/Crypto/SSLapps/ It has a SSLFTP client for BSD. I hope that helps? I need a SSLFTP client for a Windows NT platform, I've been looking for sometime without finding anything usefull. I can't even be sure the OpenSSL stuff compiles on windows. I'm a Delphi programmer and would be so greatful if anyone knew of a compiled windows dll for openssl with a Delphi header file. thanks, Margaret -Original Message- From: Bob Mead [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 16 February 2000 11:25 To: [EMAIL PROTECTED] Subject: OpenSSL & FTP client Can anyone recommend an SSL-enabled FTP client which uses the libcrypto.a and libssl.a libraries from the openSSL package? I tried curl-ssl, but it wants a different set of lib's. Thanks, Bob Mead __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: SSL my last hope...
Some thoughts for you.. SSL server presents a list of valid CA Certifiates to the browser, the IE browers use this list to filter the client certs they have and present appropriate ones to user for selection. An empty selection box suggests your server has not provided the CA cert to the client! Installation of a CA Cert onto Microsoft server is as follows: - Convert your CA cert to a binary format (use sssleay x509 -in ca.pem -out ca.der -outform DER) - Open the file with Internet Explorer, on the server, to install it into the registry - Run utility IISCA that comes with the IIS Server Good Luck! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 25 January 2000 11:29 PM To: [EMAIL PROTECTED] Subject: SSL my last hope... Hi, my name is Marion I try to develop a SSL I live in France and I have to generate a key in 40 bits This is the different steps to implement SSL 1. I changed the file openssl.cnf openssl.cnf** # # OpenSSL example configuration file. # This is mostly being used for generation of certificate requests. # RANDFILE = .rnd [ ca ] default_ca = CA_default # The default ca section [ CA_default ] dir = d:/ssl/ToolsCA # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir= $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. new_certs_dir = $dir/newcerts # default place for new certs. certificate= $dir/cacert.pem# The CA certificate serial = $dir/serial# The current serial number crl = $dir/crl.pem# The current CRL private_key= $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file x509_extensions = usr_cert # The extentions to add to the cert # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # so this is commented out by default to leave a V1 CRL. # crl_extensions= crl_ext default_days = 1100 # how long to certify for default_crl_days= 30# how long before next CRL default_md = sha1 # which md to use. preserve = no# keep passed DN ordering # A few difference way of specifying how similar the request should look # For type CA, the listed attributes must be the same, and the optional # and supplied fields are just that :-) policy = policy_match # For the CA policy [ policy_match ] countryName = match stateOrProvinceName = match organizationName= match organizationalUnitName= optional commonName = supplied emailAddress= optional # For the 'anything' policy # At this point in time, you must list all acceptable 'object' # types. [ policy_anything ] countryName = optional stateOrProvinceName = optional localityName= optional organizationName= optional organizationalUnitName= optional commonName = supplied emailAddress= optional [ req ] default_bits= 512 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes x509_extensions = v3_ca# The extentions to add to the self signed cert [ req_distinguished_name ] countryName = Country Name (2 letter code) countryName_default = FR countryName_min= 2 countryName_max= 2 stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default= France localityName = Locality Name (eg, city) localityName_default = La Gaude 0.organizationName= Organization Name (eg, company) 0.organizationName_default = AGNS # we can do this but it is not needed normally :-) #1.organizationName = Second Organization Name (eg, company) #1.organizationName_default= World Wide Web Pty Ltd organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = CS commonName= Common Name (eg, YOUR name) commonName_max= 64 emailAddress = Email Address emailAddress_max = 40 # SET-ex3 = SET extension number 3 [ req_attributes ] challengePassword = A challenge password challengePassword_min = 4 challengePassword_max = 20 unstructuredName = An optional company name [ usr_cert ] # These extensions are added when 'ca' signs a request. # This goes against PKIX guidelines but some CAs do it and some software # requires this to avoid interpreting an end user certificate as a CA. basicConstraints=CA:FALSE # H
Re: Convert *.pem files to *.p12 (PKCS12) files !!!
such as : openssl pkcs12 -in client2.pem -inkey clientkey2.pem -out client2. p12 -export If key always in -in file , you can ignore -inkey file The -out file can be imported by IE5 - Original Message - From: Sanjay Agnani <[EMAIL PROTECTED]> To: apache-ssl <[EMAIL PROTECTED]> Sent: Monday, February 14, 2000 3:33 PM Subject: Convert *.pem files to *.p12 (PKCS12) files !!! > Hi, > > How can I convert *.pem files to *.p12 (PKCS12) files using OPEN-SSL ? > > Any help regarding this matter is highly appreciated. > > Thank You. > > Sanjay. > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
installation problem
Hi, just begining to use OpenSSL (or trying...), I have got some undefined references at compile time. Everything is allright during installation (make, make test, make install...), but just trying to compile one of the little example: gcc -g -I/usr/local/ssl/include -I/usr/local/ssl/include/openssl -Wall -c cli.cpp gcc -o cli cli.o -L/usr/local/ssl/lib -lcrypto -lssl /usr/local/ssl/lib/libssl.a(s3_clnt.o): In function `ssl3_get_key_exchange': s3_clnt.o(.text+0x17e6): undefined reference to `EVP_dss1' /usr/local/ssl/lib/libssl.a(s3_clnt.o): In function `ssl3_send_client_key_exchange': s3_clnt.o(.text+0x1e22): undefined reference to `d2i_DHparams' s3_clnt.o(.text+0x1e27): undefined reference to `i2d_DHparams' s3_clnt.o(.text+0x1e42): undefined reference to `DH_generate_key' s3_clnt.o(.text+0x1e5b): undefined reference to `DH_compute_key' and so on. /usr/local/ssl/bin/openssl version -a OpenSSL 0.9.4 09 Aug 1999 built on: lun fév 14 15:45:05 CET 2000 platform: linux-elf options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -DTHREADS -D_REENTRANT -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM (As usually this kind of problem is due to user's incompetence, please don't hit me ;-) -- _/_/_/_/ Guy MARTIN - France Télécom _/_/_/_/ Branche Développement - Cnet - DMI/GRI _/_/_/_/ (+33) 2 96 05 25 70 - Fax : (+33) 2 96 05 32 86 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
OpenSSL's cryptolib and SET
Hi, I'm implementing a subset of the SET protocol and since I'm still a student : I'm not a crypto-expert. So, I searched the internet to find some good and free cryptography software. As far as I've seen, cryptolib seems to fullfill my needs but I'd like to know whether I can build my application on top of it or not. Here are my requirements : - RSA, OAEP DES and CDMF encryption/decryption - SHA-1 digest computation - Basic X.509 Certificate Management (Disk storage, CRL look-up, ...) I'd just like to know which of the previous tasks can be done using the OpenSSL. Parsing/Writing of DER bitstream our of some data structure would be highly appreciate : does OpenSSL provides routines for that? Otherwise, where can I find a free library to do so? Best regards, -- Xavier __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
