Hi,
I'm having trouble with openssl. I guess this is a typical newbie-problem,
but I'm unable to find any help in the online manual or the man pages
distributed with openssl.
When I run a program which uses SSL (mico; www.mico.org) I get the
following error message:
SSL verify error:
Hi,
Could someone please explain the following to me:
1) Is bio blocking i/o. If so why and when do you use it.
2) When do you use straight SSL_read/SSL_write and is this non-blocking?
3) If 2 is non-blocking, can I use select to read/write?
4) Say I want to write an SSL client that will
Hello ALL,
I am working on writing an SSL Client. My client code just supports the
elliptic curve algorithm( no RSA ).I have not used openssl for writing this
client but have used a third party library.Unfortunately, there is no
support for RSA in the client.
I need a pop/smtp/imap SSL
Richard Levitte - VMS Whacker wrote:
Oh, what a beautiful mixup I did there between server and client
certs! Even got myself confused :-). However, the fact still
remains, there's no trust path of value to me, the value of certer
certs in themselves is more or less none, except to give
Hi!
I was wondering if someone could help me out on a
crypto-related question;
I want to encrypt short strings (passwords, actually)
and be able to decrypt them later.
I only have access to Perl, and its MD5 and crypt (3des?),
and do not want to rely on any non-standard Perl modules.
To just
Hi Philip
Just searched the archives and found your message. I had the same problem,
and submitted a patch, not long ago. I also have another 64 bit related
patch. Both are included below
--
Karsten Spang
Senior Software Developer, Ph.D.
Belle Systems A/S
Tel.: +45 59 44 25 00
Fax.: +45 59
hi,
You know that OpenSSL supports DES for encryption of
data.So if you want to establish a communication link
between client server then you must use a secret
key.
Now my question is,What the certificate contains?
I mean what public keys it contains for what purpose
they can be used?
Could
On Mon, 12 Jun 2000, Yuji Shinozaki wrote:
I think the problem is multi-leveled:
snip
4. At the practical and everyday level, we can be pretty sure that the
certs delivered with Netscape and IE are OK. If we go to some fairly
well-traversed public site using one of these certs, some
Is it possible to connect to a FTP server using a
ftps://server.ftp.org URL for netscape or explorer?
It will be a good chance to connect to our file server
(ftps:[EMAIL PROTECTED])
We use linux servers with ssl ssh telnet.
What package my I install?
Please, reply to [EMAIL PROTECTED]
From: Emili Sanroma - RI [EMAIL PROTECTED]
Emili.Sanroma Is it possible to connect to a FTP server using a
Emili.Sanroma ftps://server.ftp.org URL for netscape or explorer?
Emili.Sanroma It will be a good chance to connect to our file server
Emili.Sanroma (ftps:[EMAIL PROTECTED])
As far as I
Hi,
in short:
using SSL you have two parts of encryption:
first a public/secret key system (asymmetric cryptographie) is used to
establish a connection and to agree for a common secret key.
When both parties have agreed to that common secret key (which is, in
short, encrypted with the public
On Tue, Jun 13, 2000 at 04:01:50PM +0200, Richard Levitte - VMS Whacker wrote:
I don't currently recall the drafts and RFC's describing this, but I'm
sure that you can find them all in the Security Area of IETF
(http://www.ietf.org).
The relevant document is
Hello!
4. At the practical and everyday level, we can be pretty sure that the
certs delivered with Netscape and IE are OK. If we go to some fairly
well-traversed public site using one of these certs, some red flags will
go up when the you get signature mis-matches... That will tip you
Hi to all,
Do I have to use the SSL_free (SSL *s) routine after every call to SSL_new
(SSL *s) which allocates memory for the
SSL structure upon every connection ?
If I use the SSL_free routine it seems to free the session context and I
can't do reuse in the next connection.
I tried to use the
Hello and thanks for reading this:
I use OpenSSL 0.9.5a, Red Hat Linux 6.2, Intel platform.
I'm trying to produce PKCS#12 files to be able to keep the all generation
process under my control and to distribute only one file (BTW: why is it
taken for such a security bug?). I do it the following
On Tue, 13 Jun 2000, Douglas [iso-8859-1] Wikström wrote:
What you are saying is that I am free to buy stuff on the internet,
sending the seller my creditcard number, and then tell the Bank it was
not me. Given the following attack scenario I cant believe that is the
case:
Yup. If you
Hi,
My application calls directly the following functions in OpenSSL:
* EVP_CipherInit/Update/Final, etc..
* PEM_read_PrivateKey, PEM_read_X509, etc...
In a multithreaded context, do these calls need to be encapsulated by calls
to CRYPTO_lock? I happen to have transient failures:
*
[EMAIL PROTECTED] wrote:
Hello and thanks for reading this:
I use OpenSSL 0.9.5a, Red Hat Linux 6.2, Intel platform.
I'm trying to produce PKCS#12 files to be able to keep the all generation
process under my control and to distribute only one file (BTW: why is it
taken for such a
On Tue, 13 Jun 2000, Dr Stephen Henson wrote:
[EMAIL PROTECTED] wrote:
Hello and thanks for reading this:
I use OpenSSL 0.9.5a, Red Hat Linux 6.2, Intel platform.
I'm trying to produce PKCS#12 files to be able to keep the all generation
process under my control and to
If you are talking abt reusing SSL structures, you can do
SSL_clear(sslp) and SSL_set_session(sslp, NULL) to try and reuse the old
session. This way, you need not free(). It worked for me. Same holds for
SSL_accept. The only caveat is that you need to use the same method (SSLv23,
SSLv3 etc.) as
Does anybody now how to make openSSL read
certificates and keys created by IAIK?
I think they might implement different
OIDs.
Please Help?
Derek DeMoroChief Technical
OfficerBallotDirect(650) 799-8490
At 03:09 PM 6/12/00, you wrote:
Interesting... I don't quite understand what the preloaded root certs
have as extra value.
The ONLY reason for e-commerce folks to sign up with a Root Cert CA (like Verisign or
Thawte) is to prevent the nasty messages when a user initiates an SSL connection.
"Leland V. Lammert" [EMAIL PROTECTED] writes:
At 03:09 PM 6/12/00, you wrote:
Interesting... I don't quite understand what the preloaded root certs
have as extra value.
The ONLY reason for e-commerce folks to sign up with a Root Cert CA
(like Verisign or Thawte) is to prevent the nasty
If users accept certificates without some independent way of verifying
the identity of the signer, then this obviates the entire point of
certificates, which is to prevent active attack on the connection.
The vast majority of the complexity of SSL is there to prevent
active attack. By
We're having a
really strange problem with the openssl crypto library -- it keeps segfaulting
down in SHA1_Update when called from an NSAPI plugin (running in NES 3.6).
I've tried building
the library with optimizations off and all that fun stuff, and have run the test
suite which it
"Steve Bazyl" [EMAIL PROTECTED] writes:
[1 text/plain; iso-8859-1 (7bit)]
We're having a really strange problem with the openssl crypto library -- it
keeps segfaulting down in SHA1_Update when called from an NSAPI plugin
(running in NES 3.6).
I've tried building the library with
Does anyone have the URL for how Netsape and/or MSIE validate or
test then accept a CA for inclusion in their web browsers?
I tried a lot of combinations on some search engines and hit a blank
I am thinking about trying the phone and calling Redmond Washington and
California to ask, but expect
One
more thing...I also tried adding lock callbacks to make sure its not a threadingproblem. Made no
difference (was getting lock requests asI should, and only from a single
thread as expected).
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Steve
Does anybody now how to make openSSL read
certificates and keys created =by IAIK?I think they might implement
different OIDs. OpenSSL cannot seem to recognize
my Iaik Private Key.
Please Help?
Derek DeMoroChief Technical
OfficerBallotDirect(650) 799-8490
29 matches
Mail list logo