Newbie needs helps

1999-10-20 Thread Steve Nguyen
Hi, I have set up openssl together with apache139+ssl OK. It works with a test certificate key. What I am not sure about is how I can set up so the main web server does not require SSL, but only a few of its directory/subweb and as other virtual hosts. Does it mean that I have to run 2 daemons of

Re: s_client and s_server's cert?

1999-10-20 Thread jackie
Maybe s_client can go on without CA cert, but the s_server needs one, otherwise it will exit at "if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || (!SSL_CTX_set_default_verify_paths(ctx)))" (line 634 of s_server). I should offer a CAfile option for s_server, so that it can begin to accept

installed ... now what? (looking for step x step docs)

1999-10-20 Thread John Farrell
I installed apache during the FreeBSD post-install configuration, and then after the reboot, I installed openssl from the ports collection (after installing rsaref, of course). All went well. So theoretically, I now have a working web server (yes, the web server works - I got the apache congra

Re: RNGs - Use input from your sound card!

1999-10-20 Thread Simon J. Gerraty
>> > > OTOH, why people don't just read a pile of bytes from /dev/audio Yep this is what I do. I have a host with a sound card located in a busy office. I grab sound samples from this system at regular intervals. The script below takes care of the grunt work and may be of use to others wanting

How to add non-standard specific cipher

1999-10-20 Thread Kwon JaeHwan
Sorry to ask a stupid question. I would like to add a specific cipher algorithm which is not a standard algorithm, so that client and server program always use that specific cipher algorithm but maintain the remaining SSL or TLS record structure and MAC algorithms

Re: creating a dummy self signed cert

1999-10-20 Thread Charles Ritter
> > probably a simple question... > How are you using openssl? With mod_ssl in an apache web server? You might try asking this question on the [EMAIL PROTECTED] list: I've found that the documentation between the two, modssl vs. openssl, is not quite consistent. > and one that has been asked o

Re: How to get client certificate from IIS4.0 From asp.

1999-10-20 Thread zheng xiangyang
Miguel, I add one line Session.LCID = 1033 before your code, then everything worked. Now I can get the client certificate correctly. Thank you very much. - Original Message - From: zheng xiangyang <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 20, 1999 11:02 AM Su

Re: Entropy pool project [ Was: Re: RNGs - Use input from your sound card! ]

1999-10-20 Thread J. Andrés Hall
- Original Message - From: <[EMAIL PROTECTED]> > On 20-Oct-99 at 09:53, Ben Laurie ([EMAIL PROTECTED]) wrote: > > Exactly. The fundamental point that OpenSSL should have a pool of > > entropy which it attempts to fill with an appropriate amount of the > > stuff at appropriate moments is

Re: SSL for sendmail

1999-10-20 Thread Jason Haar
On Wed, Oct 20, 1999 at 09:40:02AM +0100, Pinca George wrote: > Anyway SSL is a point-to-point protocol and there are not many mail > servers supporting SSL out there. So , with SSL your messages will be > encrypted just till the first server. Yeah - but that can be good enough. For instance we

Entropy pool project [ Was: Re: RNGs - Use input from your sound card! ]

1999-10-20 Thread patl
On 20-Oct-99 at 09:53, Ben Laurie ([EMAIL PROTECTED]) wrote: > Exactly. The fundamental point that OpenSSL should have a pool of > entropy which it attempts to fill with an appropriate amount of the > stuff at appropriate moments is a good one. I'm not so sure about that. Oh, there's no question

tweak to config of 0.9.4

1999-10-20 Thread Hume Smith
I hope if I send this here it'll get to the right people... I removed these lines from config to get it to guess usably on my machine: NetBSD:*:*:*386*) echo "`sysctl -n hw.model | sed 's,.*\(.\)86-class.*,i\186,'`-whateve\r-netbsd"; exit 0 ;; for reference: aurora> uname -m i386 aurora> uname -

OAS 4.0.8 self signed certs with openssl 0.9.4

1999-10-20 Thread William Salusky
Sorry if this is a little off topic... I'm hoping someone has had the experience of using self signed certs for use with the Oracle Application Server (uses Spyglass webserver). Need to do this for testing SSL enablement of OAS, before moving to production. After signing (with openssl 0.

Re: found a https server Net::SSLeay cant use..?

1999-10-20 Thread Sampo Kellomaki
[EMAIL PROTECTED] writes: > I can talk to sw40.pacbell.com via netscape and IE5 (https://sw40.pacbell.com/) > but not via LWP::request, nor, Net::SSLeay (probably for the same reason). > > Does this error indicate something is wrong on their server, or something > is wrong in Net::SSLeay? >

Re: RNGs - Use input from your sound card!

1999-10-20 Thread Ben Laurie
CJ Holmes wrote: > > > > >> Eh? You can already point OpenSSL at a file and tell it to read bytes. > >> What's the problem? > > > >Ben, I am talking about functionality beyond pointing OpenSSL at a file. > >OpenSSL ought to include the code to generate that file using a sound > >card or other dev

Re: RNGs - Use input from your sound card!

1999-10-20 Thread CJ Holmes
> >> Eh? You can already point OpenSSL at a file and tell it to read bytes. >> What's the problem? > >Ben, I am talking about functionality beyond pointing OpenSSL at a file. >OpenSSL ought to include the code to generate that file using a sound >card or other device/scheme, and ought to trigger r

Single line certificate?

1999-10-20 Thread Dr. Greg Quinn
Hi; I've set up openssl on a web server and have used a local CA to create some Netscape client certificates; I would like to do basic authorization access on my web server using the client certs, but the docs say that basic authorization uses the name in a "one line" version of the certificate; I

Re: crl, convert pem-der

1999-10-20 Thread Dr Stephen Henson
Florian Baier wrote: > > Hello, > > I tried to find a q&d "workaround" for the error described below and > transferred the .pem-crl to Linux. > But the conversion from pem to der (openssl crl -in ./crl.pem -outform DER > -out ./crl.der) didn't work on Linux too. > > Has anybody a hint where I h

Re: SSL Tunneling and Proxy Servers

1999-10-20 Thread Jan Meijer
Again, slightly off-topic. > We use apache as a proxy server. All you need to do is turn on > 443 in addition to the normal 80 socket in the server. Works fine for > us and 5 proxy servers running apache. I recommend apache as a > proxy *very* highly. I've tested the apache-proxy as well, in co

crl, convert pem-der

1999-10-20 Thread Florian Baier
Hello, I tried to find a q&d "workaround" for the error described below and transferred the .pem-crl to Linux. But the conversion from pem to der (openssl crl -in ./crl.pem -outform DER -out ./crl.der) didn't work on Linux too. Has anybody a hint where I have done wrong? Greets and thanks in ad

Re: Difference between netscape and openssl PKCS12 file

1999-10-20 Thread Dr Stephen Henson
Lee Chuk Munn -Sun Service wrote: > > Hi, I've got the following question; what is the difference between the PKCS12 cert generated > by "openssl pkcs12 -export" and one exported by Netscape (4.7). I did the following: > > 1. Exported a .p12 cert using "openssl pkcs12 -export" > 2. Import it i

Re: PKCS#12 / PFX

1999-10-20 Thread Dr Stephen Henson
[EMAIL PROTECTED] wrote: > > We have some old certificate mangling binaries, - they have been around so long > that no-one knows where they came from or what the scripts using them do, > but. > They output a file which contains The users Public Cert and private key, all > password protected. >

PKCS#12 / PFX

1999-10-20 Thread andym
We have some old certificate mangling binaries, - they have been around so long that no-one knows where they came from or what the scripts using them do, but. They output a file which contains The users Public Cert and private key, all password protected. We thought it was PKCS#12 or PFX , b