Hi there ..
I am experiencing some problems when trying to generate some
certificates
with openssl. I am trying this on the following specs;
* SunOS nexus 5.7 Generic_106541-11 sun4u
=> Solaris 7
* OpenSSL v0.9.5a
* SUNpki patch# 105710-01 installed
=> Though from what I can see this shoul
When I try to sign a request with my own experimental root-ca with
"openssl x509 -req -in foo.req -CA ca.crt -CAkey ca.key -out foo.crt",
I always get a V1 certificate no matter if I use extensions or not.
Signing the same request with
"openssl ca -sign -in foo.req -out foo.crt"
I get a V3 certifi
Some additions to the LANG problem by Jacek:
-Original Message-
From: jacekp [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 26, 2000 9:42 PM
To: marcel.bucher
Cc: jacekp
Subject: Net_SSLeay.pm and LANG problems...
Dear Marcel
This is sort of a reply to your letter posted s
Hi. I need to include another field (ID number of the students in my
university) in the DN of the
certificate's subject, so I can access it later from apache-ssl.
(I could manage it as an extension but apache-ssl just allow access to
the certificate's DN. Am I
right in this?)
Would it works if I p
Sorry in advance if this is the wrong place to send
this message (and if I'm in the wrong place, just let me know: I won't send
emails here again).
I'm considering porting the ssl code (client-side
only) onto an embedded device (a.k.a. Internet appliance) to allow it to perform
secure comm
Hua Wu wrote:
>
> Thanks for the reply. But my problem is still there.
>
> Upon your suggestion, I got newer version of crypto\x509v3\v3_purp.c
> and rebuilt the openssl library with debug. I found the change
> couldn't fix my problem since that bug was in the case of checking
> CA's purpose (ca
I'm looking at
openssl for the first time, and I have to confess that I'm puzzled by something
really simple.
Starting from
complete scratch, how would I use the command line to create a CSR or a
certificate?
My eventual
intention is to tackle some issues of character sets in certificat
Are you 'quoting' or mistyping ???
Anu Desireddi wrote:
> ld: fatal : library -lsaref: not found
Is there a file called 'libsaref' ? It should be 'librsaref'
^
You are short an 'r'
> ld: fatal : File processin
From: "Anu Desireddi" <[EMAIL PROTECTED]>
anu> The rsaref has compiled properly and I have the
anu> librsaref.a in the PATH enviroment.
The linker doesn't look in $PATH to find libraries. Where it goes
looking by default depends a lot on OS and configuration, but a safe
bet is /lib and /usr/lib
I am trying to install OpenSSL and compile it
with rsaref but I am coming across some problems.
The rsaref has compiled properly and I have the
librsaref.a in the PATH enviroment. When I execute
the make in the OpenSSL directory, it says that it
cannot find the libary -lsaref.
ld: fatal : libra
You need the "ar" utility for your platform. If you already have it, make
sure it is in your path or get one for your platform.
Arun.
"The online world is a cool place to visit, but you really don't want to
live there."
This mess
Thanks for the reply. But my problem is still there.
Upon your suggestion, I got newer version of crypto\x509v3\v3_purp.c
and rebuilt the openssl library with debug. I found the change
couldn't fix my problem since that bug was in the case of checking
CA's purpose (ca!=0). But my case is DEPTH
Since everyone didn't feel comfortable running proftpd on their servers,
there's now an alternative. I have made a port of the OpenBSD 2.7 ftpd
server and added the TLS code. For Linux, I have added shadow password
file support, but note that there's no PAM support (yet anyway). Tested
on Linux an
Trying to Install OpenSSL to then run OpenSSH. Getting an error 127 during
the make process.
Anyone heard of this?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Hi all.
Two months ago I finished the development of an open source
implementation of a Microsoft RSA FULL Cryptographic Service Provider. My
intention was to make it available through a site in a well packaged
distribution together with some documentation and comments. Now I realized
that I have
[following up my own posting]
Nick Boyce wrote :
> Shum asked :
>
>> Can anybody tell does OPPENSA web site has been closed ?
>> I cannot find it!
>
> Assuming you mean the website hosting the project to
> make Win32 versions of Apache, OpenSSL and other useful
> system software tools, it's
Shum asked :
> Can anybody tell does OPPENSA web site has been closed ?
> I cannot find it!
Assuming you mean the website hosting the project to make Win32 versions of
Apache, OpenSSL and other useful system software tools, it's supposed to be
at http://www.opensa.de but that site appears to
From: Dr Stephen Henson <[EMAIL PROTECTED]>
drh> Richard Levitte - VMS Whacker wrote:
drh> > Personally, I've no problem with those defaults as they are, and the
drh> > X509_get_default_*() functions are designed to give the library-
drh> > specific defaults. What I do have a problem with is the
Try
using any decent text editor like PFE32 and do a global search and replace
or write a small piece of code which identifies path strings and replaces the \
for /... thats it = )
Mike
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Pau
I am installing the
Win32 version of OpenSSL on a Windows NT 4.0 SP5 machine. I am using
Borland C++ Builder 5 for the compile. I ran bcb4.bat and it worked with
no errors. Then I ran GNU Make (make -f bcb.mak). It churned out the
header files but as soon as it hit the c files the follow
Richard Levitte - VMS Whacker wrote:
>
>
> OK, I see what you mean. What is happening is that get_cert_chain()
> in apps/pkcs12.c does a "verification" of the cert against an empty
> certificate store. However, it does call X509_STORE_set_default_paths(),
> which fills in the defaults you see.
From: Darren Reed <[EMAIL PROTECTED]>
darrenr> > darrenr> support debugging. For example, I was trying out the pkcs12 -chain
darrenr> > darrenr> option, only to find it was insisting on using a certificate from
darrenr> > darrenr> /usr/local/ssl/certs/cert.pem as well as another file which I did
Hi,
Well the opensa is no more available but got
some similar sites related must be useful
http://sunsite.bilkent.edu.tr/pub/infosystems/opensa/
http://www.ecs.soton.ac.uk/~lcr299/opensa/
http://www.opensa.de
http://213.240.144.25/manual/opensa/install.html
- Premson
--- Marko Vukov
> shum wrote:
>
> Hello All,
>
> Can anybody tell does OPPENSA web site has been closed ?
>
> I cannot find it!
>
> Shum...
>
>
hehe, it's openCA not openSA!! http://www.openca.org/
--
Marko.
__
OpenSSL Project
Hello All,
Can anybody tell does OPPENSA web site has been closed
?
I cannot find it!
Shum...
On Wed, Jul 26, 2000 at 09:24:00AM +0200, Stefano Bergamasco wrote:
> I read that for suspending a certificate you may insert it in a CRL and
> then, after suspension period has passed, issue a new CRL not containing
> that certificate. I did so with OpenSSL and it worked fine with Netscape
> (aft
On Wed, Jul 26, 2000 at 10:03:09AM +0530, Amit Chopra wrote:
> Hi,
> I have a question about memory BIOs.
> I want my application to SSL-read/write from/to memory
> instead of sockets. Reading/writing to the sockets will be handled
> by the application (I require such a facility because my
I read that for suspending a certificate you may insert it in a CRL and
then, after suspension period has passed, issue a new CRL not containing
that certificate. I did so with OpenSSL and it worked fine with Netscape
(after downloading the first CRL the certificate was marked as revoked, and
afte
28 matches
Mail list logo