crl generation
Hi everybody! Does anybody if it is possible to generate CRL with crl utility and how? I mean input files format and so on .. Thanks a lot Michal Bachorik __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
anybody is working with openssl and visual basic?
__ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: anybody is working with openssl and visual basic?
Yes, i've done an tool for corporate user certification (key and cert management) interfacing visualbasic with openssl. What do you need ? -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Does openssl support 3 digit ISO code for country info
Hi All, I want to generate a CERT request where the country code is 3 digit ISO code. OpennSSL seems to support and two character contry codes. Is there some workaround to take care of this. Thanks, Birla __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
ERR_print_errors_fp crashes
Hi All, My SSL_connect fails for some reason and I'm trying to find out why. SSL_get_error returns an SSL_ERROR_SSL value but doesn't tell me much more about what went wrong. So I tried printing out all the errors to a file using ERR_print_errors_fp and the result is that my application crashes. The ERR_print_errors_fp works fine before I execute the SSL_connect (although there are no errors to print at that time). Any ideas? Stuff is compiled with VC6 running on Win2K. Using winsock for sockets. Thanks, Bastiaan Olij __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: anybody is working with openssl and visual basic?
If you want to publish it for free put it onto the mailing list. I am interested too! Erwin -Original Message- From: lawrence [mailto:[EMAIL PROTECTED]] Sent: 2002-04-03 12:16 To: '[EMAIL PROTECTED]' Subject: RE: anybody is working with openssl and visual basic? I need a sample to work with Visual Basic too. If you have a sample, can I have a copy? Rgrds, Lawrence -Original Message- From: Rabellino Sergio [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 5:03 PM To: [EMAIL PROTECTED] Subject: Re: anybody is working with openssl and visual basic? Yes, i've done an tool for corporate user certification (key and cert management) interfacing visualbasic with openssl. What do you need ? -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Help with Digital Signatures
I doubt this. RSA or something should be here snip it was likely just marketing language. They likely use RSA signatures and PKCS7 syntax snip Would you consider some form of consulting? Yes, I would - although it would be up to my customer. I'm a consultant myself, although not in the area of Digital Signatures (as you can probably tell). In the light of your comments, I'll go back to my customer and suggest they hand this off to someone specialised in this area - suggestions and contact details welcome! Thanks, Tom __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Creating client certificates with OpenSSL on Win2000 Advanced Server.
Hi, I'm new with the client sertificates concepts and I need really help. We use Apache server on Win2000 and Java development language (JSP). With openssl achived to get a trial server certiifcate from Verisign. But that's not enough and we need to make client authentication.I know that I can do this with openssl but I could not find enough documantation for this. * So if anyone can help me for creating and managing client certificates in a step by step format I wiill be really happy. * Any other suggestion and ideas for client authentication in our situation will also be appreciated. Thanks in advance for any help. Not: we use Apache server - Win2000 - Java Fatih Dkmeci __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Java + SSL
Hi All, have anybody experiences with the following Error, which occurs when I want to use the example from the JNDI == LDAP == Security to connect to an LDAP Server over SSL: cutscence // Set up the environment for creating the initial context Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory); env.put(Context.PROVIDER_URL, ldap://localhost:636/o=JNDITutorial;); // Specify SSL env.put(Context.SECURITY_PROTOCOL, ssl); // Authenticate as S. User and password mysecret env.put(Context.SECURITY_AUTHENTICATION, simple); env.put(Context.SECURITY_PRINCIPAL, cn=S. User, ou=NewHires, o=JNDITutorial); env.put(Context.SECURITY_CREDENTIALS, mysecret); // Create the initial context DirContext ctx = new InitialDirContext(env); // ... do something useful with ctx /cutscence I become the following Error Root exception is java.net.SocketException: SSL implementation not available. I use also jsse.jar which is needed to run SSL. Can anybody help me :) Thanks in advance regards Ferruh __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Java + SSL
Zamangoer, Ferruh wrote: Hi All, have anybody experiences with the following Error, which occurs when I want to use the example from the JNDI == LDAP == Security to connect to an LDAP Server over SSL: cutscence // Set up the environment for creating the initial context Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory); env.put(Context.PROVIDER_URL, ldap://localhost:636/o=JNDITutorial;); // Specify SSL env.put(Context.SECURITY_PROTOCOL, ssl); // Authenticate as S. User and password mysecret env.put(Context.SECURITY_AUTHENTICATION, simple); env.put(Context.SECURITY_PRINCIPAL, cn=S. User, ou=NewHires, o=JNDITutorial); env.put(Context.SECURITY_CREDENTIALS, mysecret); // Create the initial context DirContext ctx = new InitialDirContext(env); // ... do something useful with ctx /cutscence I become the following Error Root exception is java.net.SocketException: SSL implementation not available. I use also jsse.jar which is needed to run SSL. Can anybody help me :) Thanks in advance regards Ferruh It seems that jsse is not correctly installed in you VM. Follow the instruction embedded with the jsse for the correct definition of the security provider in the JRE_HOME/lib/security/java.security config file. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
need help
i cant compile openssl. i get messages like... Building OpenSSL cl /Fotmp32dll\hw_aep.obj -Iinc32 -Itmp32dll /MD /W3 /WX /G5 /Ox /O2 /O b2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DB N_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll /GD -D_WINDLL -D_DLL -c .\c rypto\engine\hw_aep.c hw_aep.c .\crypto\engine\hw_aep.c(61) : fatal error C1083: Cannot open include file: 'uni std.h': No such file or directory NMAKE : fatal error U1077: 'cl' : return code '0x2' Stop. i tried making an empty header file still many problems. i also tried to compile using the header of the active pearl still many problems. i also tried to delete that line but still many problems. what is wrong with it? i cannot have a ssleay32d.lib. can you tell me how to setup openssl? thank you. albert __ www.edsamail.com __ www.edsamail.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Does openssl support 3 digit ISO code for country info
On Wed, Apr 03, 2002 at 03:05:41PM +0530, balakb wrote: I want to generate a CERT request where the country code is 3 digit ISO code. OpennSSL seems to support and two character contry codes. Is there some workaround to take care of this. No. If I don't misunderstand RFC2459, you have to use Alpha-2 (2 digit) ISO code: id-at-countryName AttributeType ::= {id-at 6} X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
AW: Java + SSL
Thanks I think that's right way. I have become communication with the server. Following Error occurs on slapd: daemon_init: 2 listeners opened slapd init: initiated server. slap_sasl_init: initialized! slapd startup: initiated. slapd starting ldap_pvt_gethostbyname_a: host=solo, r=0 connection_get(10): got connid=0 connection_read(10): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write server done A TLS trace: SSL_accept:SSLv3 flush data TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A connection_get(10): got connid=0 connection_read(10): checking for input on id=0 TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS: can't accept. connection_read(10): TLS accept error error=-1 id=0, closing connection_closing: readying conn=0 sd=10 for close connection_close: conn=0 sd=10 The java throws following Exception : javax.naming.CommunicationException: xxx.xxx.xxx.xxx:636. Root exception is javax.net.ssl.SSLException: untrusted server cert chain at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2- 120198])at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198 ]) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198]) (Thanks)² regards Ferruh -Ursprüngliche Nachricht- Von: Rabellino Sergio [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 3. April 2002 14:42 An: [EMAIL PROTECTED] Betreff: Re: Java + SSL Zamangoer, Ferruh wrote: Hi All, have anybody experiences with the following Error, which occurs when I want to use the example from the JNDI == LDAP == Security to connect to an LDAP Server over SSL: cutscence // Set up the environment for creating the initial context Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory); env.put(Context.PROVIDER_URL, ldap://localhost:636/o=JNDITutorial;); // Specify SSL env.put(Context.SECURITY_PROTOCOL, ssl); // Authenticate as S. User and password mysecret env.put(Context.SECURITY_AUTHENTICATION, simple); env.put(Context.SECURITY_PRINCIPAL, cn=S. User, ou=NewHires, o=JNDITutorial); env.put(Context.SECURITY_CREDENTIALS, mysecret); // Create the initial context DirContext ctx = new InitialDirContext(env); // ... do something useful with ctx /cutscence I become the following Error Root exception is java.net.SocketException: SSL implementation not available. I use also jsse.jar which is needed to run SSL. Can anybody help me :) Thanks in advance regards Ferruh It seems that jsse is not correctly installed in you VM. Follow the instruction embedded with the jsse for the correct definition of the security provider in the JRE_HOME/lib/security/java.security config file. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Help about OpenSSL Install!
On Wed, 3 Apr 2002, Hao Shi wrote: I have installed and used OpenSSL for several weeks. But yesterday I met error! When I use openssl ca command ,it will display error: -- wrong number of fields on line 1(looking for field 6, got 1, ''left -- Then I reset the config file and installed openssl again. The question disappeared for a while , but appeared again later. This time ,I can not solve it. The other commands in openssl all are right, such as x509, only ca command is wrong. check in openssl.conf you use for your ca command field 'database' - it should be pointing to file index.txt which serves as a database file for your CA. errror message you get means,that this index.txt file has wrong format.Most probably,you(or someone else) tried to edit it and saved it in wrong format ... The correct format is : 'STATUS'\t'DATEOFSIGN'\t'DATEOFREVOKE'\t'SERIAL'\t'ALIAS'\t'DISTINGUISHEDNAME' It seems like you have empty line(mabye only carriege return) in index.txt Please give me some advice. Your help will be highly appreciated. Thank you! __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- snail-mail : Michal Bachorik Nedozerskeho 207 Nedozery 972 12 SLOVAKIA phone : +421 862 54 85 220 e-mail : [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]