Hi,
I am writing an application using SSLeay.
I must not use RSA, because of license problems, so I must
use for authentication the public key technique of DH.
I also want not to use encryption. This may sound strange, but due to
the application nature, the data is already encrypted, and thus
sh
I started with this :
command: =>>./config
...
making links in test...
Makefile => Makefile.ssl
making links in tools...
Makefile => Makefile.ssl
c_rehash: rehashing skipped ('openssl' program not available)
- I was told that this is normal.
- but I get the following error when I try to com
Kaur Virunurm wrote:
>
> You can repeat any attribute in DN as many times as you wish.
> The way to do it is to add multiple entries for this attribute
> into the [req] session of your config file. Example:
>
> 0.stateOrProvinceName = State or Province Name 1 (full name)
> 0.stateOrPro
Paul Rubin <[EMAIL PROTECTED]>:
> Hi, I'm trying to install a GlobalID into the c2 Stronghold server,
> which uses ssleay (forerunner of openssl).
> I'm having a lot of trouble and found some messages about GlobalID's
> in the sw-mod-ssl and openssl-users archives so I thought I'd ask for
> advi
DavidTaylor <[EMAIL PROTECTED]>:
> I am testing our SSL in client mode and OpenSSL in server mode, with one
> export cipher spec enabled as shown in the command below. My question is
> why does OpenSSL look for a client certificate? It didn't write a
> certificate request message so our SSL didn'
I am using SSLeay and now Openssl to create client certificates for use
in Navigator. I have been successful importing certs (after conversion
with pkcs12) into Navigator 4.04, and having them accepted by Apache-SSL
server when the browser is challenged. However, the same cert will not
work in any
> > You can repeat any attribute in DN as many times as you wish.
> > 0.stateOrProvinceName = State or Province Name 1 (full name)
> > 0.stateOrProvinceName_default = Estonia
>
> Thanks.
> Unfortunately I cannot have it working with the -spkac option used with
> Netscape requests.
>
> installed. I have tried SSLeay 0.90 and Openssl 0.92b, have used ca-fix,
you shouldn't need ca-fix if you're working with openssl 0.9.2b
> have tried commenting out nscerttype, or changing to the nscerttype
set it to:
nsCerttype = client, email
> switch for client certs. What is special abou
What is special about version 4.04,
and how can I fix things for other versions?
One difference may be that 4.04 has a different set of built-in
Verisign roots than later versions. The later browsers have newer
roots. If your client certs are in a chain signed by Verisign, it
co