Mapping Certs to local account names: is there a standard practice?

1999-11-02 Thread Jeffrey Altman
OpenSSL Project http://www.openssl.org User Support Mailing List

Mapping Certs to local account names: is there a standard practice?

1999-11-02 Thread Jeffrey Altman
(sorry about the null message.) I am looking for a summary of people's experiences with using client certs to authenticate end users to Unix services. How are you mapping a client cert to a local Unix account name? Are you using a field within the cert? If so, which one(s)? Are different fi

Avoiding RSA certs - trying to use DSA instead

1999-11-02 Thread Mike Benna
I'm trying to use a DSA cert instead of an RSA one to avoid the patent issues in North America, but I can't seem to get it to work. The client and the server are both our own, so interoperability is not an issue. I've created an RSA key that works just fine like this: openssl genrsa -out tes

Re: Restricting to 56-bits

1999-11-02 Thread Hawke
Exactly what we've been trying to figure getting around. We want to use DH and Blowfish instead of RSA (DH's patent expired, and Blowfish is free), but are having trouble figuring out how to compile the OpenSSL without having RSA. Any suggestions would be greatly appreciated. -Hawke On Mon, 01 N

Re: Avoiding RSA certs - trying to use DSA instead

1999-11-02 Thread Dr Stephen Henson
Mike Benna wrote: > > I'm trying to use a DSA cert instead of an RSA one to avoid the patent > issues in North America, but I can't seem to get it to work. The client and > the server are both our own, so interoperability is not an issue. > [info deleted] > Any ideas on why RSA works but DSA do

Re: Restricting to 56-bits

1999-11-02 Thread Mike Benna
I've just now discovered that SSL_CTX_set_cipher_list() takes parameters in a different format than I thought. How do you add the EXP1024 ciphers that you mention? I've tried passing all kinds of strings to SSL_CTX_set_cipher_list() but with no success in limiting connections to 56-bit (I can ge

Re: Restricting to 56-bits

1999-11-02 Thread Scott Krueger
> having trouble figuring out how to compile the > OpenSSL without having RSA. Any suggestions would be greatly appreciated. > -Hawke When you run configure, use the "-DNO_RSA" option.

IE 4.5 vs. Netscape 4.7

1999-11-02 Thread R. Emory Lundberg
Client Platform: MacOS 9.0 Client Software: Netscape 4.7, MSIE 4.5, Outlook Express 5.0 OpenSSL version: OpenSSL 0.9.4 09 Aug 1999 Operating System: OpenBSD 2.6-CURRENT I set up some RSA keys before I get into DSA territory and my ideal goal is to be using stunnel to retrieve email over ssl'ized i

Re: Mapping Certs to local account names: is there a standard practice?

1999-11-02 Thread Dennis Glatting
Jeffrey Altman wrote: > > (sorry about the null message.) > > I am looking for a summary of people's experiences with using client > certs to authenticate end users to Unix services. > > How are you mapping a client cert to a local Unix account name? > > Are you using a field within the cert?

Re: Restricting to 56-bits

1999-11-02 Thread Lutz Jaenicke
On Tue, Nov 02, 1999 at 04:27:29PM -0800, Mike Benna wrote: > I've just now discovered that SSL_CTX_set_cipher_list() takes parameters in > a different format than I thought. How do you add the EXP1024 ciphers that > you mention? I've tried passing all kinds of strings to > SSL_CTX_set_cipher_li

Problem...

1999-11-02 Thread Mike Bartlett
Hi all, I joined this project a tad late, and I'm by no means a Unix expert - but the old sysadmin left and now I'm battling away through a whole bunch of stuff he left unfinished... I am getting this problem in my logs right now: bash-2.03# less apache_ssl_engine_log [02/Nov/1999 11:46:03] [