> > I have built openssl on a PowerPC running MacOSX server. The build
> > works under the following configure:
> >
> > ./Configure gcc no-threads
> >
> > But when I run 'make test' it stops as show below. I am absolutely
> > clueless on where to go from here.
>
> > test sslv2
> > ERROR
Roger Bodén wrote:
>
> I have registered a certificate validation function in my SSL_CTX struct
> using SSL_CTX_set_verify method. The callback function takes an int and
> an X509_STORE_CTX as input. Somehow I would like to pass some
> application data to this function. The ex_data field of X509_
i = X509_verify(x, X509_get_pubkey(x))
will only succeed on self-signed (CA) certificates like Verisign.
What you need to do is verify the cert using the pubkey of it's issuer:
i = X509_verify(x, X509_get_pubkey(issuer_of_x))
but this will leak memory since X509_get_pubkey(x) adds one to the r
Hi,
after stumbling over another cipher-handling bug, I have updated my
"cipher handling patch", which reorganizes the construction of the cipher
list.
Bug Description: When running into an "unexpected" symbol in the cipher
selection string, the selection routine runs into an endless loop.
Repro
>Verifying is a complex process
Now *there's* an understatement. :) The IETF PKIX draft update to the
cert/CRL profile takes 20 pages to specify "path validation." See ch6 of
http://www.imc.org/draft-ietf-pkix-new-part1
> and I don't recommend you do it manually:
Vandyke&Associates has releas
I have registered a certificate validation function in my SSL_CTX struct
using SSL_CTX_set_verify method. The callback function takes an int and
an X509_STORE_CTX as input. Somehow I would like to pass some
application data to this function. The ex_data field of X509_STORE_CTX
seems to be place to
Yuriy Stul wrote:
>
> Hello all!
>
> For each certificate in chain I do next:
>
> i = X509_verify(x, X509_get_pubkey(x));
>
> For many sites (www.chase.com, www.ubs.com, ...) I have that first certificate
> in chain has unmatched signature (i == 0). Only last certificate (from RSA )
> has
At 12:43 04.01.00 +0200, you wrote:
>Hello all!
Hello,
>For each certificate in chain I do next:
>
>i = X509_verify(x, X509_get_pubkey(x));
>For many sites (www.chase.com, www.ubs.com, ...) I have that first
certificate
>in chain has unmatched signature (i == 0). Only last certificate (from RSA
Hello all!
For each certificate in chain I do next:
i = X509_verify(x, X509_get_pubkey(x));
For many sites (www.chase.com, www.ubs.com, ...) I have that first certificate
in chain has unmatched signature (i == 0). Only last certificate (from RSA )
has good signature. Is it possible or I do
Hi folks,
I am using openssl version 4, for a proxy application.
The SSL cache is not working:
In visual debugger, on the first connection it make update of the cache,
and connect.
On a second connection it is checking the cache, not find the
session-id, and then it update again the cache.
I use
10 matches
Mail list logo
