Re: Installation difficulties

On Thu, Dec 28, 2000 at 10:07:42AM -0800, Beth Longwell wrote: > I downloaded Openssl 0.9.6 and followed the instructions of the README > file to compile and install the software. I also made test certificates > and altered our current httpd conf file for an SSL virtual host > listening on port 4

Re: Problem using openssl 0.9.6 with openssh 2.3.0p1

On Thu, Dec 28, 2000 at 02:10:09PM -0600, BRIERLY, KEVIN D (AIT) wrote: > Under normal circumstances ssh command work properly. When the system load > is high I start getting "Not enough entropy in RNG" back from ssh. > I looked at the source code and found that this message is triggered by > chec

How to extract "conf string" from extention?

Hi all, Programmaticly, it's easy to create an X509 extension like this: x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10"); Now, is there some similar, easy way to do the reverse, ie geting the equvivalent ``config string´´ out from an extention ("CA:TRUE,pathle

Re: About the SSL transaction when using Proxy Server

Ri Li wrote: > I have some question about the SSL, when my office > is using a Proxy server to go to the internet. Is the > SSL encryption only encryt between the Proxy Server to > the Internet Web Server? or protect from user under > proxy server to Internet Web Server?? If you configured your

Re: How to extract "conf string" from extention?

Peter 'Luna' Runestig wrote: > > Hi all, > > Programmaticly, it's easy to create an X509 extension like this: > x = X509V3_EXT_conf_nid(NULL, NULL, > NID_basic_constraints,"CA:TRUE,pathlen:10"); > > Now, is there some similar, easy way to do the reverse, ie geting the > equvivalent ``config

Re: Determining if a cipher mismatch causes a handshake error

On Thu, Dec 28, 2000 at 03:46:15PM -0500, Louis LeBlanc wrote: > Hey all. I am trying to determine in my client app if a handshake fails > because the client and server are not supporting any common ciphers. ,.. > which is gleaned from studying docs and sample code. When we test > it with s_se

Re: [apache-ssl] Re: Certs: where to get them?

On Dec 28 Leland V. Lammert wrote: > 2) Purchase a cert from Equifax ($49US). Lowest cost for a cert acceptable > to most browsers. Or get a free one from GlobalSign; http://www.globalsign.net/prod/freeserver.cfm?ID=tnw89505 -- Rial Juan

How to Decrypt email ?

Hi ! I am newbie in openssl, and I have some problems with decrypting email (from outlook / oootlook express / eudora etc ...) In fact I do not really know what I have to do. what I did : 1) I imported my certificate file (fred.p12 file) in outlook (now I can sign my emails, wonderfull ...) 2)

Hello there trouble compiling with activeperl 5.6.0 build 623

Hello i'm having trouble compiling openSSL, i have VC++ 6.0 installed on my server, i have installed active perl, and wend i try to > perl Configure VC-WIN32 i get a message saying "Can't open perl script "Configure": No such file or directory" i just typed what was on the readme file, what am

openssl smime verify

Hi HELP When I just use the root ca(vsign1.pem) and do not add my public trusted ca in the file. The program is saying verification successful. What does it mean. And how will I avoid the verification of root ca. I want it to stop after verifying my public ca. D:\mananth\ssl\ssl_test\Debu

Re: openssl smime verify

Mahesh Anantharaman wrote: > > Hi > > HELP > When I just use the root ca(vsign1.pem) and do not add my public trusted ca > in the file. > The program is saying verification successful. > What does it mean. > It means the signature on the message is valid (it has not been tampered with) and

Re: How to Decrypt email ?

Fred Fillon wrote: > > Hi ! > > I am newbie in openssl, and I have some problems with decrypting email (from > outlook / oootlook express / eudora etc ...) > In fact I do not really know what I have to do. > > what I did : > 1) I imported my certificate file (fred.p12 file) in outlook (now I

DEAPI

I installed mod_ssl 2.6.6 on Solaris 2.7. When I started the apache 1.3.12 server (apachectl startssl), I get warnings similiar to the following for all my modules: [Fri Dec 29 18:48:20 2000] [warn] Loaded DSO libexec/mod_headers.so uses plain Apache 1.3 API, this module might crash under EAPI!

RE: openssl smime verify

Hi I am sorry for the question. Here is what I want. I am having the senders certificate saved locally downloaded from verisign. I want to verify the email received against the sender certificate not with the root ca. Is it possible. This is a very strong requirement. Thanks mahesh -Origina

Re: openssl smime verify

Mahesh Anantharaman wrote: > > Hi > > I am sorry for the question. Here is what I want. > I am having the senders certificate saved locally downloaded from verisign. > I want to verify the > email received against the sender certificate not with the root ca. > Is it possible. The email is alway

RE: openssl smime verify

Hi Thanks a lot for your patience. All I want is the one you mentioned here. openssl smime -verify -noverify -nointern -nochain -in message.txt -certfile myfile.pem And I am saved. and a VERY HAPPY NEW YEAR regards mahesh -Original Message- From: Dr S N Henson [mailto:[EMAIL PRO

Re: https packet diagram

"Varga, Jack" <[EMAIL PROTECTED]> writes: > Is the session_id resident in each ssl application > data packet or just in the handshake packets? If so, > is it always in the clear (i.e., not encrypted? No, it's only in the ServerHello and (if resumption is being used) in the ClientHello. However