I am trying to find the best way to let IE/Netscape to accept our CA,
But even the certificate can be embed to next version IE/Netscape, all
end-user that use our certificate must upgrade their broswer too! It's
too hard. Maybe the best way is only to use default CA's certificate
like Verisign,
There
is a public function named SHA1_Update in netscape httpd itself (yes, I wasted
some time with this too!), and that function of course does not have same
parameters as the OpenSSL SHA1_Update.
Because you hardly have access to netscape's source
code, you have to bend over and rename
On Mon, Jun 12, 2000 at 04:43:27PM -0700, Arun Venkataraman wrote:
* By default, how many sessions are cached? Is this number configurable?
SSL_CTX_sess_set_cache_size()
* What is the approximate memory overhead per session entry in the cache?
That depends on the certificates. For a session
Use the mime: application/x-x509-ca-cert
Hazel
Does anyone have the URL for how Netsape and/or MSIE validate or
test then accept a CA for inclusion in their web browsers?
I tried a lot of combinations on some search engines and hit a blank
I am thinking about trying the phone and
Hi,
On Tue, Jun 13, 2000 at 09:49:38PM -0700, Derek DeMoro wrote:
Does anybody now how to make openSSL read certificates and keys created =
by IAIK?
I think they might implement different OIDs. OpenSSL cannot seem to recognize
my Iaik Private Key.
Are you using DSA keys? If so, I had
-Original Message-
From: Gao Yuhang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 13, 2000 4:12 PM
To: [EMAIL PROTECTED]
Subject: Re: howto get IE Netscape to accept CA?
Use the mime: application/x-x509-ca-cert
What do you mean? do you say that sending in HTTP a page with
Hello,
I would like to ask you how works openssl s_server and s_client.
In detail, I would like to know: If the session key is established and
the transferred data is encrypted or you have to encrypt it with the session
key. Then if the examples given, serv.cpp and cli.cpp are good enough to
-Original Message-
From: Jussi Kohonen [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 14, 2000 2:30 AM
There is a public function named SHA1_Update in netscape httpd itself
(yes,
I wasted some time with this too!), and that function of course does not
have same parameters as
Okay,
I'm feeling like a moron, now. I have built quite a few ssl
servers for people (Thanks, Ralf, et alia!), but never bothered to look
into the CA side of things ... before now. I am completely lost! I have
scoured the FAQ at [modssl|openssl].org, but am still very much adrift. I
Thanks go to Jussi and Michael for pointing out the
linker issue :)
the following url is helpful:
http://slwww.epfl.ch/SIC/SL/CA/
I however have done all of my own ca stuff by looking
at the sign.sh file and by writing a certificate server
to sign ppls certs.
Hope this helps.
Mike
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
This document helped me so much. It's from Frederick Hirsh..
http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html
It's about SSLeay but it also applies to Openssl very well.
BTW, if Frederick is around here, THANK YOU.
[EMAIL PROTECTED] wrote:
Okay,
I'm feeling like a moron,
I've had no answers to that question so far, so I'm re-posting it, hoping
that someone out there could provide me with a hint...
thanks
-Original Message-
From: Richard Dykiel [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 13, 2000 11:36 AM
To: [EMAIL PROTECTED] (E-mail)
Subject:
Hello,
Getting the following error while doing a make of openssl (0.9.5a).
make[1]: Entering directory `/install/openssl-0.9.5a/crypto'
gcc -I. -I../include -DTHREADS -D_REENTRANT -DNO_IDEA -DNO_RSA -DNO_RC5
-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
From: Balaji Thiruvenkatachari [EMAIL PROTECTED]
Subject: Compilation Problem.
Date: Wed, 14 Jun 2000 18:53:35 -0400
Message-ID: [EMAIL PROTECTED]
bthiru This message is in MIME format. Since your mail reader does not understand
bthiru this format, some or all of this message may not be legible.
[EMAIL PROTECTED] wrote:
Okay,
I'm feeling like a moron, now. I have built quite a few ssl
servers for people (Thanks, Ralf, et alia!), but never bothered to look
into the CA side of things ... before now. I am completely lost! I have
scoured the FAQ at [modssl|openssl].org, but am
Richard Dykiel wrote:
I've had no answers to that question so far, so I'm re-posting it, hoping
that someone out there could provide me with a hint...
thanks
-Original Message-
From: Richard Dykiel [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 13, 2000 11:36 AM
To: [EMAIL
Hi,
I would like to use openSSL in a server running on Windows NT that
implements
asynchronous sockets using iocompletion ports. It looks
like I have to do some ugly hacks into the openSSL library to make it work.
Does anyone have any advice or suggestions on using openSSL with
iocompletion
Thanks to all who sent me url's and advice. I found out that the trouble
was I did not have /usr/local/ssl/bin/ in my $PATH, and the CA.sh script
was failing quietly, but would tell me that it had written my file anyway.
Once I fixed the $PATH problem, it worked as expected. One more question,
if
19 matches
Mail list logo