Hi all, I have some difficult to compile openssl on my Origin200 server
I use this operation sequence:
1) ./Configure irix-n64-cc
2) gmake
3) gmake rehash
4) gmake test
On this i obtain the following errors:
testing rsa conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
./rsa_oaep_tes
I am having these problem about the SSL handshake, the stronghold server
return the error code 0x28 (hanshake-failure) after my SSL client program send
the Client_key_exchange (0x16,0x03,0x00,..), Cipher_change_spec
(0x14,0x03,0x00,) and client-hanshake_finished(0x16,0x03,0x00,...). The
Why do you use stunnel in this way?
Why don't you put it in the inetd configuration file?
Tim Spencer wrote:
>
> Hey there!
>
> I've been working on setting up a certificate authenticated IMAP server
> here over the past week, and I've been stymied. I have openssl-0.9.2b
> compiled wit
Tim Spencer <[EMAIL PROTECTED]> wrote:
You've started:
> stunnel -p /usr/local/ssl/certs/stunnel.pem -d imap:993 -v 1 -f -D 7 -l
> /usr/local/sbin/imapd.uw -a /usr/local/ssl/certs/
with a certificate made with:
> nsCertType = client, email, objsign
?
Well... As you can see your certificate
Hey there!
I've been working on setting up a certificate authenticated IMAP server
here over the past week, and I've been stymied. I have openssl-0.9.2b
compiled with rsaref on a FreeBSD box, which I'm using as my CA. I have
stunnel 3.0 and openssl-0.9.2b compiled on a Sun box running S
I'm using an NT build, following the Verisign CSR
instructions, and am stuck at the "unable to find
'distinguished_name'" error below.
I have generated CSRs for Verisign with OpenSSL from a Unix
build before and don't believe I had to create a config
file.
D:\test\certs\test>openssl req -new -ke
Hello,
I am trying to install OpenSSL 0.9.2b on my IRIX 6.2 box. compiling fails
after a certain point.
when I type ./config, i dont know if it ends prematurly but it says this
after configuring a lot of makefiles:
making links in test...
Makefile => Makefile.ssl
making links in tools...
> Something fancier might be appropriate. There may be
> situations where a different chain is needed depending on
> the browser type. Is it even possible to detect the browser
> type before sending the cert chain?
Huh? Unless I've missed something, the c
I thought there were some cert issues with expiration dates...
At 01:33 PM 4/20/99 -0400, Thomas Reinke wrote:
>This may not be the answer you are looking for, but we've used
>SSLeay for some of our own work (0.9.0b) and have not
>encountered any problems during our own Y2K testing. This does
>no
This may not be the answer you are looking for, but we've used
SSLeay for some of our own work (0.9.0b) and have not
encountered any problems during our own Y2K testing. This does
not say that there are any problems, just that in our usage
of the SSLv3 protocol, cert validation and encryption, we
Isaac Rajkumar wrote:
>Hello All -
>
>When I try to perform a handshake (using SSL_do_handshake()) between a client
>and a server I get the following errors:
>
>In Server:
>403:error:14095412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
>certificate:.\ssl\s3_pkt.c:825:SSL alert nu
I am having problems importing certificates into Netscape running on
Windows, eventhough the certificate is will import fine with the same
version of Netscape running on X. Any ideas? (Actually it doesn't import
into IE either, but I figure one problem at a time)
Currently I have nsCertType com
-Original Message-
From: Dean Kimball <[EMAIL PROTECTED]>
To: '[EMAIL PROTECTED]' <[EMAIL PROTECTED]>
Date: Tuesday, April 20, 1999 11:33 AM
Subject: RE: RSARef No Longer Available (Was RSAref in the US)
>After spending several days on the phone with RSA, I came to the conclusion
>that I
No, don't hit me!!!
Another one asking for this annoying topic ...
Does anyone know whether SSLeay has any Y2K problems?
--
Ciao ... Heiko Nardmann (Dipl.-Ing.), Software Development
secunet (www.secunet.de), Security Networks GmbH - Sicherheit in
Netzwerken
Weidenauer Str. 223-225, D-57076 Si
> From: Stefan Kelm
>
> Miguel,
>
> > I don't know how to import 1024 bit certs into IIS, but you can
> > generate a CSR (1024 bit RSA) using NON domestic IIS4.
> >
> > If you are using SP3 you need a special schannel.dll,
> > Do you need it? I can send it to you.
>
> what does schannel.dll do an
Hi,
I have a server certificate that has been signed by a certifciate chain
(ie. by my own CA certificate that has been signed by another CA).
What I would like to do is supply just my CA signing certificate and not
any others in the chain to the SSLeay 0.8.1 client for cert
verification, ie. tu
After spending several days on the phone with RSA, I came to the conclusion
that I had when I started. RSAref was never intended for commercial use,
strictly academic. So, due to the fact that I am 1300 miles and a firewall
away from my development machine, does openSSL support DH and/or DSA?
Tha
hi, is just started and have e few questions...
#1
char *ERR_lib_error_string(unsigned long e);
char *ERR_func_error_string(unsigned long e);
char *ERR_reason_error_string(unsigned long e);
The thing i want to do is acces the flags from the errorbuffer, but this is
not ac
> [EMAIL PROTECTED] wrote:
> >
> > hi,
> > I have installed the Netscape Certificate Server 1.01 for myself.
> > and I request a personal certificate through my Netscape Navigator 4.05.
> > I have set the CA is trusted .
> >
> > but when I open the Netscape Navigator ,select "security" ,"certifi
Bodo Moeller wrote:
>
> "Ralf S. Engelschall" <[EMAIL PROTECTED]>:
>
> [...]
> >> In SSLeay 0.9.1b, Eric added a function SSL_CTX_add_extra_chain_cert
> >> that allows to cleanly build the chain for the server certificate.
> >> I'm afraid, though, that mod_ssl doesn't use it as of yet.
>
> > Wh
Win32 internally treats "/" in pathnames exactly the same as "\". I
routinely use slashes in C code. It saves me a lot of the hassle of
escaping backslashes.
"Peter 'Luna' Altberg" <[EMAIL PROTECTED]> wrote:
> Appart from everything else, you must have double backslashes in C
> files, like:
>
Paul Rubin wrote:
>
> > What do you suggest for supporting this in mod_ssl, Bodo?
> > Via an explicit SSLCACertChain or whatever directive? Or implicitly?
>
> The behaviour that makes most sense, I think, is if you just have to
> append the CA certificate(s) to th
Appart from everything else, you must have double backslashes in C
files, like:
#define X509_CERT_DIR INSTALLTOP "\\certs"
(the error ".\crypto\cversion.c(84) : error C2017: illegal escape
sequence" points in this direction).
Cheers,
Peter
_
23 matches
Mail list logo
