Issue with certificate chain
I have a weird issue when creating and importing PFX files into Windows 7 clients. I have created a CA and a sub CA and I have created client certificates. When I import them into Windows 7 clients (in all fairness I have only tried windows 7), when I go to look at the certification path, it tells me that the root CA certificate is expired or not yet valid. Looking at the expiration date of the root CA, it shows it to only be valid from 11/19/2012 through 12/19/2012. The sub CA certificate and the end user certificates are fine with 5 year validity periods. However, when I look at the root CA with openssl it shows the following: *#: openssl x509 -in cacert.pem -noout -text Issuer: CN=ca3.deeztek.com/emailAddress=c...@deeztek.com Validity Not Before: Dec 20 21:00:07 2012 GMT Not After : Dec 19 21:00:07 2017 GMT Subject: CN=ca3.deeztek.com/emailAddress=c...@deeztek.com* Obviously not expired and the dates are completely different from what Windows is reporting. Can anyone shed some light on this. I sign the client certificates with the sub CA using a cachain file I created from the root and the sub ca. Thanks smime.p7s Description: S/MIME Cryptographic Signature
Re: [openssl-users] Re: Question about exporting user certificate files to .pfx
Maybe I got something wrong creating the intermediate CA which is supposed to be the 2nd certificate. This is what I did to create the intermediate CA. Maybe I missed something? Generated Intermediate CA key: openssl genrsa -out ia.key 4096 Generated Intermediate CA Certificate Request: openssl req -new -key ia.key -out ia.csr Processed Intermediate CA request and signed by the CA: openssl x509 -req -days 1825 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt Concatenate the CA and the intermediate CA certificates together: Root cert: cat ca.crt > cachain.pem Int-ca cert: cat int-ca.crt >> cachain.pem On 11/19/2012 1:41 PM, Erwann Abalea wrote: Thanks. The first certificate is your root CA, the second one is a version 1 certificate that can't be used as a CA (it would be insecure to allow it). If your end-user certificate is issued by this second certificate, then the error message is normal. -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Re: [openssl-users] Re: Question about exporting user certificate files to .pfx
I'm assuming this is what you want. This is the contents of my chain file: -BEGIN CERTIFICATE- MIIFlDCCA3ygAwIBAgIJAJsm0MjspJZLMA0GCSqGSIb3DQEBBQUAMDoxGDAWBgNV BAMTD2NhMy5kZWV6dGVrLmNvbTEeMBwGCSqGSIb3DQEJARYPY2EzQGRlZXp0ZWsu Y29tMB4XDTEyMTExNzIzMDA1MVoXDTE3MTExNzIzMDA1MVowOjEYMBYGA1UEAxMP Y2EzLmRlZXp0ZWsuY29tMR4wHAYJKoZIhvcNAQkBFg9jYTNAZGVlenRlay5jb20w ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDgzL8AMMsGK8O/G5wE/PZF pxDgKbUK8FzfSUDDhsj8wdCXrYa7vCWpklx9P8RIOolLyXV2TZIDX71ixF0JW9HS 6wCrQthfziAh+1iTEAFZq0anJQXYd5kLSxuaBAK+j/A30wJ15a9F4N0ACmfldX1h Z92MCCdemhuGkUxDS5YspXj3n6aezGrDhML76scK2KVcnY26gOSMd09M30RBbOHy ECOKjN06jGpce5ouwKqNbHDNnVKRzsPy6o/3Njp1Fotk7FbGieoNcbjfjQIgTYYa eWY3NQHEG5AZrAlf8KH7dO9SBMHQuM/DJsiBIok9Qcfh+GOjdL8YC7GIbf6gRBp7 NrKg9EpUOuHiij15Ephnr37zvAJfpBqXKXKT/4A/81qGWwgffQxsf5e2yg9327Zm cZpWBoT7Ge4L8YcgaHU+FLfhJPwZc4UB78pmcAarZ7ypa3ETub3bfaUoz2laCkUD xnlt94Ck2CbFtfjuLCO1vBxj0w8+Jm4zVCbFCIIAxJH/eaxwLuCx5E/30J4p8Wk+ ul7eB7EtKrJNRltZde/b7IX9HWBDaQ8WbkXlIZn+EJwCDGX8RtTYlBN7fLloJHwe X/Y2WlaZt6qYE2G7O0GETW6pdMtwlQ6UOjqL6PqqJjSFXUiSEn8xwF24U+ytWUpB RmO1fSOeumWTpQh30IKL5QIDAQABo4GcMIGZMB0GA1UdDgQWBBTtxw+0FwmnT9H9 fQh6vKkBYdPawTBqBgNVHSMEYzBhgBTtxw+0FwmnT9H9fQh6vKkBYdPawaE+pDww OjEYMBYGA1UEAxMPY2EzLmRlZXp0ZWsuY29tMR4wHAYJKoZIhvcNAQkBFg9jYTNA ZGVlenRlay5jb22CCQCbJtDI7KSWSzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB BQUAA4ICAQCg2z3eBEs8I8Lo1d+940YUTyjsAm6qmPs0R8NfqRXtmSKrw+KUQj77 t1uSaS5FOPsn95QGhSbOcKjyQ3vQOwS1fMThJLg/qgHsHQoDmZQWP0RBeG6P+FCR stKjYO3kjUEbO8nXVLC330X3SdBjmM4KqqG3q8HO9XKDmPcRlU7ruP4F/3PDOIzS DnmhuHb5FSx7pEawj4f1tU/vc5tMPQQOOdRqjFENk7lU+020U8hPUHgIAhA/Dmdx GlLobFY6NsSZBsvdbB6JnUQcV0iyoVqCob9aeySHY4L398XRrhX3TfN5LjXnyvbQ aQKn1oKCwM3bGvWI1lsJHCduJAmHA4DBxL9TEAvg1fLAaR2mr/lGUEOynDMFhWwm QK22ccQKj5W3mBJOeTngdbCInxqGhBSQs1avx+MDQw0znUNpxmc2HEpL+BybhfPM oHNy3FjiyCj4PlMB10Uoew3LYBAWukUk4qDZYpMJeVgCbV0e12tWkuFYAHmZZSSF aaxTPPxQkSef0NI+lww3ozpEu2OQBJuzeIhHokq44fpuQYAfdsFlbMXVq9RYYNyj mdJtZDqO3uRpMpklOp2acpKx6MpVhNFNWkQ0TJ7K8x6rW7L/BgLAIThMU6KiGIXY VSjVBAcgfCJGH/rHJyOIA/xL3QrfAGMrdWaupIVgLWtBZvOrbOpLMQ== -END CERTIFICATE- -BEGIN CERTIFICATE- MIIE8DCCAtgCAQEwDQYJKoZIhvcNAQEFBQAwOjEYMBYGA1UEAxMPY2EzLmRlZXp0 ZWsuY29tMR4wHAYJKoZIhvcNAQkBFg9jYTNAZGVlenRlay5jb20wHhcNMTIxMTE5 MTI1NjM0WhcNMTcxMTE4MTI1NjM0WjBCMRwwGgYDVQQDExNpbnQtY2EzLmRlZXp0 ZWsuY29tMSIwIAYJKoZIhvcNAQkBFhNpbnQtY2EzQGRlZXp0ZWsuY29tMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsTwKBHiFZQBfhV8EiQ8Kq1ivq9Ou FoSWU/VEionIlAdzZK0WpQrtEprbugldGVe/yQcQqgMyKDsNq4MBNBmkRbS9CM2x Mc0fl+7ne0uS2N/aCLBMdDwONpfGDBKuiiK2DS52iFe8VbOas9aOim06LEjN+iZv PhtP+tQW5s8poe1xUHNykit24fht5v0ikqqBI/ac9yhV1sfmTdyM9gAe/BPs2TFT +9inxIE00pcIsDZ6odiqzU1QSPuW0NJaQbyIzdptoqXZwEYzsdKV2GWBQ+CpZZMm EZdAfKsGvlvU+f2O1nm6lKyL7dIdEV3x1l7Q2iFGLkC/zSKozs1CJzGLGkVZ0VTA 5LOv37SfZZC8IJ6zykIp8siZUlN/u6gMI7Qjnk38YP9GkLPDMvMqrbfHGZtCP2Aj qPg4UBKa7umTh0M4rCn8gj6Urh32n/m+WcU1vHjefLmhly//IdmWBQ+navcnq1e1 vXt/1qHTj2ynMoASLXg2k4jOFFldf3vvwgGfkGJDmdD34ANczpV9o7VOgC3Qd+k3 jAbG8tOmNXFsOIuSlbYfFzg1ijaXBgCmhbAkh81BbLU/MZd1jWwzI8MRggZZANMK xaQpu0VSP5oW5e76sX/MQnuS0ihwLkAWhLfe/2Y59BdGwC0Rxat7u8BIQ90uPlaj rGlItlOBTwPK3GECAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAE4x82QOaE2I16a/f IZvMiTc7UaJ8amWylZrQLYG0ZfdhwcJHyOel9sN/Cu0XVjtFJTdKIhBT73ryDq9v SlnmOuEt0SqmeQhgwVusvd7RfgNIvPqRPw/gCaeNz1qct/3Qigy9DbQ1vb1e/3lI MBZqeGTXgnBsXrIoSgzDdohU/nQcMdKRH/Iins+qh4J8G4zqpkB1v/3Uylz/3GUQ XCfj/tcJev/r6ONaVY5dsZe2XkVIJlc7YkevWOiact5x2XqVgDLTUyrnru3iilHY Xf74UYFVgbIBqmr+8oQ9tZLQuFBxRrJ33xx/TbZAqXXSTd5CTWSJZx9z4j6XiZZr qyqa/PzDKTmMju4Y/KIUgIgYsl9cA0LVmEX9a/Ec+XKgXIbvA8FvA4RAM+zsVsZ+ UW5JNW/wqAs3zKxhyHd4PHj1MdNJI7vEh8GhnbYW9SkwjYdCgYBzjpG/krgq7b7H yq/31Jz/d7xlwtZ/6FQ7bDV+qtNQ28QjbmB184C3VO+0hywGZWNf7sjJhZEkUYce IH5FCzF141l8ys2E+G04vxeYWHkTJuBChRMnFKnsSKjHn6/P7cVEQacy3002G2ZX wzXrL6Hmgzr3O7I8RwlkbDMYmbaROiBoKB2DhlBKXxVAgD8Fsp8AOj6wxLBXjg/V LMJHeiywxLvyFl6uPSjjMjTzcXk= -END CERTIFICATE- On 11/19/2012 11:26 AM, Erwann Abalea wrote: Can you post here the certificate chain? Not the private key, only the certificates, from the root down to the end-entity. -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Re: Question about exporting user certificate files to .pfx
I fixed the command and it created the end user .pfx file. It imported successfully into windows but I get this message when I looked at the certification chain for the intermediate ca: This certification authority is not allowed to issue certificates or cannot be used as an end-entity certificate. Any idea why I would get this? or would it affect anything? On 11/19/2012 10:47 AM, Dr. Stephen Henson wrote: On Mon, Nov 19, 2012, Deeztek.com Support wrote: Nevermind the last message, you said *concatenate* the CA certificate together. So, this is what i did: Root cert: cat ca.crt > cachain.pem Int-ca cert: cat int-ca.crt >> cachain.pem Ran the following but it didn't work: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -certfile cachain.pem -passout:somepassword If you used that exact command the -possout syntax is incorrect. It should be -passout pass:somepassword Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Re: Question about exporting user certificate files to .pfx
I meant, I run the command, I get no error, no pfx file is created and I simply get the openssl help command: Usage: pkcs12 [options] where options are -export output PKCS12 file -chainadd certificate chain -inkey file private key if not infile What do you mean "didn't work"? Did you get an error message from the command, did the import fail or the certificate chain is still not visible under Windows? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Re: Question about exporting user certificate files to .pfx
Nevermind the last message, you said *concatenate* the CA certificate together. So, this is what i did: Root cert: cat ca.crt > cachain.pem Int-ca cert: cat int-ca.crt >> cachain.pem Ran the following but it didn't work: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -certfile cachain.pem -passout:somepassword On 11/19/2012 10:02 AM, Dr. Stephen Henson wrote: On Mon, Nov 19, 2012, Deeztek.com Support wrote: I have created a CA and an intermediate CA. I use the intermediate CA to create self-signed s/mime certificates for end users which works fine. I need to be able to create .pfx files form those end user certificates and include the CA chain into the pfx file. Currently the command I use to export the user certificates to .pfx is as follows: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -passout:somepassword This works fine but when i import the .pfx file into my windows sytem, the certificate chain is not there and I have no way of trusting the certificate. How would I go about including the certificate chain into the pfx file? Concatenate the CA certificate together and use the -certfile option. See: http://www.openssl.org/docs/apps/pkcs12.html#FILE_CREATION_OPTIONS Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Re: Question about exporting user certificate files to .pfx
Sorry, I'm not sure what you mean by concentrate the CA certificate together. On 11/19/2012 10:02 AM, Dr. Stephen Henson wrote: On Mon, Nov 19, 2012, Deeztek.com Support wrote: I have created a CA and an intermediate CA. I use the intermediate CA to create self-signed s/mime certificates for end users which works fine. I need to be able to create .pfx files form those end user certificates and include the CA chain into the pfx file. Currently the command I use to export the user certificates to .pfx is as follows: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -passout:somepassword This works fine but when i import the .pfx file into my windows sytem, the certificate chain is not there and I have no way of trusting the certificate. How would I go about including the certificate chain into the pfx file? Concatenate the CA certificate together and use the -certfile option. See: http://www.openssl.org/docs/apps/pkcs12.html#FILE_CREATION_OPTIONS Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Deeztek.com Support http://www.deeztek.com smime.p7s Description: S/MIME Cryptographic Signature
Question about exporting user certificate files to .pfx
I have created a CA and an intermediate CA. I use the intermediate CA to create self-signed s/mime certificates for end users which works fine. I need to be able to create .pfx files form those end user certificates and include the CA chain into the pfx file. Currently the command I use to export the user certificates to .pfx is as follows: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -passout:somepassword This works fine but when i import the .pfx file into my windows sytem, the certificate chain is not there and I have no way of trusting the certificate. How would I go about including the certificate chain into the pfx file? thanks in advance. smime.p7s Description: S/MIME Cryptographic Signature
new cert installed but ssl server dies
Hi I just installed a new ssl cert under apache 2.0.52 on FC3 and openssl 0.9.7e now with debug on the logging seems a lot less and the last few lines of failed server read as [Sat Apr 23 09:06:21 2005] [info] Connection: Client IP: 11.22.33.44, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) [Sat Apr 23 09:06:21 2005] [debug] ssl_engine_io.c(1517): OpenSSL: I/O error, 5 bytes expected to read on BIO#9b5bc40 [mem: 9b6cca8] [Sat Apr 23 09:06:21 2005] [info] (70014)End of file found: SSL input filter read failed. [Sat Apr 23 09:06:21 2005] [debug] ssl_engine_kernel.c(1789): OpenSSL: Write: SSL negotiation finished successfully [Sat Apr 23 09:06:21 2005] [info] Connection to child 3 closed with standard shutdown(server secure.server.com:443, client 11.22.33.44) (IP & Servername changed) any idea why when i try to connect it dies? Mark __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Creating my own CA
I've got OpenSA (Apache w/openssl+modssl) running on a Windows platform and am trying to create my own CA. I'm able to create a private key and make a cert for that CA but can't use my CA to sign the CSR. I see from the modssl docs the step by step but then the last step gets to running the script sign.sh and, well, obviously Windows has some problems running a .sh file. Every place I see on line mentions that there's some strange requirements of the "openssl ca" command. Does anyone know of some other approach to sign the CSR. I've been messing with CygWin and Mac OSx and a few other things but it seems like an awful lot of trouble to go through if I have to actually 'build' a *nix server just to sign my server cert. Any help is always appreciated. Kevin Ericson Kinetic Technologies, Inc. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Creating my own CA
I've got OpenSA (Apache w/openssl+modssl) running on a Windows platform and am trying to create my own CA. I'm able to create a private key and make a cert for that CA but can't use my CA to sign the CSR. I see from the modssl docs the step by step but then the last step gets to running the script sign.sh and, well, obviously Windows has some problems running a .sh file. Every place I see on line mentions that there's some strange requirements of the "openssl ca" command. Does anyone know of some other approach to sign the CSR. I've been messing with CygWin and Mac OSx and a few other things but it seems like an awful lot of trouble to go through if I have to actually 'build' a *nix server just to sign my server cert. Any help is always appreciated. Kevin Ericson Kinetic Technologies, Inc. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
国内外贸易动力之源
[ ÈôÄú²»¸ºÔðÕâ·½ÃæµÄÒµÎñ, ÇëתÏà¹ØÒµÎñ»ò²¿ÃŵĸºÔðÈË£¬Íò·Ö¸Ðл ] [ Èô±¾Óʼþ´òÈÅÁËÄú£¬ÎÒÃÇÍò·Ö±§Ç¸ ] £££££££££££££££££££££££££££££££££ ¹úÄÚÍâóÒ׶¯Á¦Ö®Ô´** ¡°ÓʼþѲ²¶¡±ÊÇInternet¶¨Ïò¿Í»§ËÑË÷¹¤¾ß£¬ÄúÖ»ÐèÒªÊäÈëËÑË÷¹Ø¼ü×Ö£¬ ¾Í¿ÉÒÔ×Ô¶¯µØÔÚ»¥ÁªÍøÉϽøÐÐËÑË÷£¬²»µ½¼¸ÃëÖÓ£¬ÓʼþµØÖ· ¾Í»áÔ´Ô´²»¶ÏµÄ³öÏÖÔÚÄúÃæÇ°¡£ 1 ¶¨ÏòÐÔ£¬Ö»ËÑË÷ͬÄúÒµÎñÏà¹Ø¹«Ë¾µÄÍøÕ¾ºÍEmail. 2 ËÑË÷Ëٶȿì: ¶àÏß³ÌËÑË÷£¬Ã¿Ð¡Ê±¿ÉÒÔËÑË÷³ÉǧÉÏÍòµÄEmail¡£ 3 ¼¯³É21¸ö¶¥¼¶ËÑË÷ÒýÇ棺ÐÂÀË£¬ËÑ»¡£¬ÍøÒ×£¬21CN, 263, YahooµÈµÈ 4 ·µ»ØÐÅÏ¢·á¸»£º²»½öÊÕ¼¯ÓʼþµØÖ·£¬Í¬Ê±»¹Ìṩ¸ÃµØÖ·µÄÀ´Ô´ÍøÖ·¡£ 5 ¶àÓïÖÖÖ§³Ö£º¼´¿ÉËÑË÷ÖÐÎÄÐÅÏ¢£¬ÓÖ¿ÉËÑË÷Ó¢ÎÄ£¬µÂÎĵÈÍâÎÄÐÅÏ¢. 6 ¿ÉÒÔÈÃÄúÇáËɽ¨Á¢¿Í»§Ô´£¬À©´óÒµÎñÁ¿£¬ÌáÉý¾ºÕùÁ¦¡£ ²»¹ÜÄúÊÇ×ö¹úÄÚÒµÎñ»¹Êǹú¼ÊÒµÎñ£¬ÓʼþѲ²¶¶¼ÊÇÄúÇ¿ÓÐÁ¦µÄÖúÊÖ¡£ --- "ÓʼþÌØ¿ì": .Ç¿´óµÄÖ±½Ó·¢ËÍÄÜÁ¦¡£ÄÚ½¨Óʼþ·¢ËÍ·þÎñÆ÷£¬²»ÐèÄúµÄSMTP·þÎñÆ÷ Ö±½Ó°ÑÓʼþ·¢¸øÊÕ¼þÈË¡£ .¸ßËÙÌؿ죬ÿСʱÈη¢ËÍ5,6ÍòÓʼþ .רҵÐÔÒ»¶ÔÒ»·¢ËÍ -- "ÓʼþУÑéר¼Ò": ÊÇÒ»¿îרҵ¿ìËÙÓʼþµØÖ·ÕýÈ·ÐÔУÑéÈí¼þ. .ʹÓöàÏ̼߳¼Êõ£¬Ã¿Ð¡Ê±Äܹ»Ð£Ñ鼸ʮÍò·ÝÓʼþ. .ÌÞ³ý´íÎó²»´æÔÚµÄÖظ´µÄÓʼþµØÖ·£¬Ìá¸ßÓʼþ·¢Ë͵ÄÓÐЧÐÔ¡£ .½ÚÊ¡ÈËÁ¦ÎïÁ¦¡£ »¶ÓÃâ·ÑÏÂÔØÊÔÓà http://www.email-tool.com/china/download.html ¶©¹º http://www.email-tool.com/china/order.html µç»°£º86-755-6568917 ÁªÏµÈË£º·ëÏÈÉú ÉîÛÚÊÐÒ×ÍØÒÀ¿Æ¼¼¿ª·¢ÓÐÏÞ¹«Ë¾ http://www.email-tool.com Dear [Email], We are the software development company: "Target Customer Search Expert" Integrated with 21 top search engine to find your customers' web addresses and email addresses. Invaluable Internet Marketing Tool. If you are interested to buy or to be an agent to sell our software, please contact with me. Indetail introduction, please access http://www.email-tool.com/ [ Very sorry to matter you in such style] [remove please replywith subject: remove] [ Èô±¾Óʼþ´òÈÅÁËÄú£¬ÎÒÃÇÍò·Ö±§Ç¸ ] [ ³ý·ÇÓÐÄúµÄÔÊÐí£¬·ñÔòÎÒÃDz»»áÔٴδòÈÅÄú£¬Ôٴαíʾ±§Ç¸] - ÓʼþѲ²¶£º¼¯³É21¸öËÑË÷ÒýÇ棬¶¨ÏòËÑË÷ÓʼþµØÖ·¡£ http://www.emailspidereasy.com/china/ -- ±¾ÓʼþÓÉ¿Í»§×ÔÐÐÀûÓÃÍØÒ×"ÓʼþÌØ¿ì"·¢ËÍ,·¢Ëͼ°ÄÚÈݾùÓë±¾¹«Ë¾Î޹ء£ ---
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Hi' The message date was Wed, 5 Dec 2001 10:16:29 +0530 The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.13 build 3360 Frisk Software International F-PROT engine version 3.10 build 701 225396_2MA-OCTET-STREAM_gone.scrinfection: W95/Goner.A@mm 1 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-22.tower-4.starlabs.net (id 225396_1007527501) and will be held for 30 days before being destroyed. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Getting more help If you require further assistance please visit the FAQ section on our website, the address is as follows: For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Fw: site i found !' The message date was Fri,23 Nov 2001 22:22:44 - The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 2 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/145489_2MAUDIO-X-WAV_CTwhatever.exe Found the W32/Aliz@MM virus !!! The message was diverted into the virus holding pen on mail server server-19.tower-4.starlabs.net (id 145489_1006521822) and will be held for 30 days before being destroyed. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Getting more help If you require further assistance please visit the FAQ section on our website, the address is as follows: For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Fw: site i found !' The message date was Fri,23 Nov 2001 22:22:44 - The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/145482_2MAUDIO-X-WAV_CTwhatever.exe Found the W32/Aliz@MM virus !!! The message was diverted into the virus holding pen on mail server server-23.tower-4.starlabs.net (id 145482_1006521761) and will be held for 30 days before being destroyed. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Getting more help If you require further assistance please visit the FAQ section on our website, the address is as follows: For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Funny site hehe ;-)' The message date was Fri,23 Nov 2001 22:21:46 - The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/227150_2MAUDIO-X-WAV_CTwhatever.exe Found the W32/Aliz@MM virus !!! The message was diverted into the virus holding pen on mail server server-11.tower-4.starlabs.net (id 227150_1006521852) and will be held for 30 days before being destroyed. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Getting more help If you require further assistance please visit the FAQ section on our website, the address is as follows: For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Aug 1994-Jan 1995 Palmerston North Hospital Private' The message date was Sun, 4 Nov 2001 09:35:18 +1300 The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.13 build 3360 Frisk Software International F-PROT engine version 3.10 build 701 483098_2MA-OCTET-STREAM_ZealandjTel.pif infection: W95/Magistr.32768@mm 1 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-17.tower-4.starlabs.net (id 483098_1004819919) and will be held for 30 days before being destroyed. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp Getting more help If you require further assistance please visit the FAQ section on our website, the address is as follows: For more information please visit http://www.star.net.uk/Support/Faq/FAQ.asp _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: FTP over SSL
The implementation of AUTH SSL/TLS in the FTP client support that comes with Kermit 95 and C-Kermit 8.0 http://www.kermit-project.org/ftpd.html supports all ciphers supported by OpenSSL; reuses the session for the data connections; and properly performs verification of server certificates unlike several other clients; and supports the use of client certificates. > > But be warned that WS FTP uses only 40 bit export ciphers, at least the > versions which i checked (V6.6 and V7.0-Tryout). Another possibility is > CuteFTP, which uses strong encryption. A possible drawback with both > clients is that it is not possible to encrypt only the control connection > (in case when you only want to protect the password with SSL). This may > have a severe impact on the transfer rate. The third Windows-Client known > to me is Igloo FTP, which allows to encrypt only the control connection, > but is restricted to weak 40 bit export ciphers too. > A further drawback of WS FTP and Cute FTP is, that they use for the data > connection a new SSL session (no resumption of the SSL session of the > control connection). This leads to an unnecessary high load on the FTP > server. Some server may therefore even disallow the use of a separate > session for the data connection. > All in all there is IMHO no Windows FTP client, which could be currently > recommended unrestricted. > (CuteFTP: www.globalscape.com, Igloo FTP: www.iglooftp.com). > Ciao, > Richard > -- > Dr. Richard W. Könning > Fujitsu Siemens Computers GmbH, EP LP COM 5 > Phone/Fax: +49-89-636-47852 / 47655 > E-Mail: [EMAIL PROTECTED] > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. ______ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp client and passive mode
> Hello all! > I wanted to know if someone out there have compiled a a version of the bsd > ftp client that supports passive mode with SSLEAY? The ftp client that came > with the SSL source code doesn't have passive mode. > See http://www.kermit-project.org/ftpclient.html Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Rejected Message' The message date was Mon, 20 Aug 2001 17:55:51 +0200 (MET DST) The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.08 build 2260 sign.def version 2001-08-21 fsmacro.def version 2001-08-20 sign2.def version 2001-08-21 632828_3MA-X-MSDOWNLOAD_Emanuel.exe infection: W95/Navidad.16896 2 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-16.tower-4.starlabs.net (id 632828_998475214) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help If you believe this message to be a false alarm or you require further assistance, you can email Star Internet Support at:- [EMAIL PROTECTED] or contact Star Helpdesk by telephone on:- +44 (0) 1285 884433 Please quote the following Virus Pen ID when contacting Support. <<< mail server server-16.tower-4.starlabs.net (id 632828_998475214) >>> If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled Rejected Message The message date was Mon, 20 Aug 2001 17:55:51 +0200 (MET DST) The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.08 build 2260 sign.def version 2001-08-21 fsmacro.def version 2001-08-20 sign2.def version 2001-08-21 503008_3MA-X-MSDOWNLOAD_Emanuel.exe infection: W95/Navidad.16896 2 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-4.tower-4.starlabs.net (id 503008_998475126) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help We strongly recommend that you read the Support FAQs at http://www.messagelabs.com/support/FAQs.htm These will answer many of the most common queries. If you subscribe to the MessageLabs SkyScan AV Service, please contact your IT Helpdesk/Support department for further assistance. If you do not subscribe to the MessageLabs SkyScan AV Service please contact ISP4 Business on:- + 44 (0) 8707 001718 You may contact one of our Messaging Technicians at MessageLabs Helpdesk 7 days a week , 6am - 12pm on:- +44 (0)9067 579 001 All calls will be charged at £0.75p per minute. If you believe this message to be a false alarm, you can email ISP4 Business at:- [EMAIL PROTECTED] Please quote the following Virus Pen ID when contacting Support. If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled Re: quick and dirty tunnel to SSL ? The message date was Mon, 20 Aug 2001 15:41:02 +0900 (KST) The message identifier was <00d301c12944$0d8a31c0$48403ed3@SCL> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/502989_2MA-X-MSDOWNLOAD_Emanuel.exe Found the W32/Navidad.e@M virus !!! The message was diverted into the virus holding pen on mail server server-7.tower-4.starlabs.net (id 502989_998290769) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help We strongly recommend that you read the Support FAQs at http://www.messagelabs.com/support/FAQs.htm These will answer many of the most common queries. If you subscribe to the MessageLabs SkyScan AV Service, please contact your IT Helpdesk/Support department for further assistance. If you do not subscribe to the MessageLabs SkyScan AV Service please contact ISP4 Business on:- + 44 (0) 8707 001718 You may contact one of our Messaging Technicians at MessageLabs Helpdesk 7 days a week , 6am - 12pm on:- +44 (0)9067 579 001 All calls will be charged at £0.75p per minute. If you believe this message to be a false alarm, you can email ISP4 Business at:- [EMAIL PROTECTED] Please quote the following Virus Pen ID when contacting Support. If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Re: quick and dirty tunnel to SSL ?' The message date was Mon, 20 Aug 2001 15:41:02 +0900 (KST) The message identifier was <00d301c12944$0d8a31c0$48403ed3@SCL> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.08 build 2260 sign.def version 2001-08-16 fsmacro.def version 2001-08-16 sign2.def version 2001-08-16 502980_2MA-X-MSDOWNLOAD_Emanuel.exe infection: W95/Navidad.16896 1 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-9.tower-4.starlabs.net (id 502980_998290812) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help If you believe this message to be a false alarm or you require further assistance, you can email Star Internet Support at:- [EMAIL PROTECTED] or contact Star Helpdesk by telephone on:- +44 (0) 1285 884433 Please quote the following Virus Pen ID when contacting Support. <<< mail server server-9.tower-4.starlabs.net (id 502980_998290812) >>> If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: FTP over SSH2
> hi, > Was not aware of that.. ?n for recommending to windows users > what clients for SSL-FTP are currently available that encrypt both > channels? > TIA Kermit 95 comes with a secure FTP client that encrypts both channels. http://www.kermit-project.org/k95.html Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: (openssl-users) Weird Apache-SSL problem
From: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> >From: [EMAIL PROTECTED] > >support> I'm trying to get Apache-ssl 1.3.14 to build (from source) >and run dynamically >support> on RedHat 7.0. >support> >support> I built openssl-0.9.6 with: >support> >support> And get this when I check the Apache config: >support> >support> ./config linux-elf --prefix=/usr/local --openssldir=/usr/local/ssl >support> make >support> make install >support> >support> [root@hostee sbin]# ./httpsdctl configtest >support> Syntax error on line 239 of /etc/httpd/conf/httpd.conf: >support> Cannot load /etc/httpd/lib/apache/libssl.so into server: >undefined symbol: >support> sk_new_null > >The OpenSSL libraries are not binary compatible with previous versions >for now, especially when it comes to shareable libraries. This has >been said over and over. > >-- >Richard Levitte I'm sure you are trying to help. However, I can't tell how. Are you saying that openssl-0.9.6 won't compile and run properly when I am trying to install Apache from source on a RedHat 7.0 system? If this is the case, what is the source of openssl's incompatibility? Is there a workaround for making openssl work in a shared-library environment such as the Apache/DSO environment? Thanks, Chris -- Thanks for using Peak to Peak Internet! For technical support queries, you may find using the web site to be a convenient source of information, at http://support.peakpeak.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Stanford SRP
> I'm a bit of a newbie and am trying to get some clarification and better > understanding on an issue (spurred by Seifred's controversial article): > > How does using Stanford SRP solve (or does it?) verification, the MITM > problem, and need for a CA? > http://www-cs-students.stanford.edu/~tjw/srp/project.html > > -Sean Please don't send separate posts with the same question to multiple lists. Response copied form openssl-dev The man in the middle problem is solved by having the SSL/TLS finished messaged verified as part of the SRP authentication process. If there is a MITM the the server will not have the correct client finished message, and the client will not have the correct server finished message. The failure to include the correct data in the SRP exchange will result in an authentication failure. A similar technique is used with Kerberos 5. When using Kerberos 5, the finished messages are verified by transmitting them encrypted in the Kerberos 5 session key which can only be known to the client and server. Jeffrey Altman * Sr.Software Designer C-Kermit 7.1 Alpha available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message was titled 'fwd: Joke' The message date was Mon, 6 Nov 2000 10:33:18 - The message identifier was <[EMAIL PROTECTED]> The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.08 build 2260 sign.def version 2000-11-02 fsmacro.def version 2000-11-01 sign2.def version 2000-11-02 114487_2MA-OCTET-STREAM_Very_Funny.vbs infection: VBS/LoveLetter.gen 1 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-26.tower-1.london-2.starlabs.net (id 114487_973503129) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help You may like to read the Support FAQs at http://www.messagelabs.com/support/FAQs.htm These will answer many of the most common queries. If you believe this message to be a false alarm or you require further assistance, you can email MessageLabs Support at:- [EMAIL PROTECTED] or contact MessageLabs Helpdesk by telephone on:- +44 (0) 1285 884466 Please quote the following Virus Pen ID when contacting Support. <<< mail server server-26.tower-1.london-2.starlabs.net (id 114487_973503129) >>> _ This message has been checked for all known viruses by the MessageLabs Virus Control Centre. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]