Hi, mads
Now I want to run ssl aware apache as service, but I failed, then how
can I let modssl read password from another way, for example, read from
a file? Thanks in advance.
See http://www.modssl.org/docs/2.8/ssl_reference.html#ToC2
vh
Mads Toftum
I am working on windows,
From: "Ronald F. Guilmette" [EMAIL PROTECTED]
rfg % bc
rfg bc 1.05
rfg Copyright 1991, 1992, 1993, 1994, 1997, 1998 Free Software Foundation, Inc.
rfg This is free software with ABSOLUTELY NO WARRANTY.
rfg For details type `warranty'.
rfg
rfg
rfg Looks like GNU bc to me!!
rfg
rfg So now what?
[EMAIL PROTECTED] wrote:
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]]
Sent: 14 February 2001 13:25
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: echoping 4.1 released : a tool to test SSL servers
[EMAIL PROTECTED] wrote:
This is just
On Wed, 14 Feb 2001, Ben Laurie wrote:
...
Thanks Ben for cheering me up. Perhaps If I have a machine that can change
it's IP number constantly I could get round it. Or perhaps not. Maybe I
could disable session caching altogether. This is only a development machine
anyway (and has been
Hi,
We developpe an application running on NT and Solaris with
openssl 092b.
Icompile openssl 096 on Solaris and NT using Visual C++
6 and when I try to recompile my
application with openssl 096on Visual 6, I have got
thelink error messages :
conflicts with default library (MSVCRT,LIBC and
I've been trying to set up stunnel on the firewall to accept
SSL-encrypted connections and forward them to internal http
addresses. This is for staff use only, so I don't care about having a
certificate signed by a public CA. I do, however, want to require
users to have certificates.
I've
I've seen it, and fixed it. Rather unhelpfully, I can't fully remember
how.
C/C++ - Code Generation - (Debug) Multi-threaded DLL
Make sure that you are consistent with your use of this DLL in making
your lib, and then .exe
hth
Tat.
Matthieu Ludinard wrote:
Hi,
We developpe an
Hi!
What do You think? May I use the netscape_comment extension to hold my
application specific information in text form (maybe in base64)?
Cly
__
OpenSSL Project http://www.openssl.org
User
Make sure you use the same C runtime library to link your application as you
specified to build openssl. Which makefile did you use to build openssl,
nt.mak or ntdll.mak?
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
What do You think? May I use the netscape_comment extension to hold my
application specific information in text form (maybe in base64)?
This is a non-authenticated attribute. i.e. it's not signed and can be
changed by the user without changing the certificate signature.
So don't use it for
Title: EVP question about key sizes
Hi!
I want to use Blowfish with a 256 bit key size. Looking at the EVP
docu I found EVP_CIPHER_CTX_set_key_length.
Some time ago somebody mentioned that it is impossible to use
differnt key sizes in the EVP API. Is EVP_CIPHER_CTX_set_key_length
a new
This is a non-authenticated attribute. i.e. it's not signed and can be
changed by the user without changing the certificate signature.
Wrong. *Everything* in a certificate is signed.
/r$
__
OpenSSL Project
What a shame... I thought it is simple...
So what parts of certificate are protected with signature?
Cly
"Dale Peakall"
Hello,
When I run the ./Configure myOS command I get an error on the last line
saying make not found. So when I run the make command it does not
work. I am on a networked environment, using a network appliance.
Hopefully this is not the problem.
What I need Openssl for:
To translate a
[EMAIL PROTECTED] wrote:
Hi!
What do You think? May I use the netscape_comment extension to hold my
application specific information in text form (maybe in base64)?
Well you could I suppose but that would be a non standard use of it. If
you've got your own OID you could simply add a new
A. Knigsdorfer wrote:
Hi!
I want to use Blowfish with a 256 bit key size. Looking at the EVP
docu I found EVP_CIPHER_CTX_set_key_length.
Some time ago somebody mentioned that it is impossible to use
differnt key sizes in the EVP API. Is EVP_CIPHER_CTX_set_key_length
a new function
Derick Cassidy wrote:
Hello
After playing around with the SSL stuff, I am successfully able to validate
online crls (ldap query, then lastUpdate/nextUpdate them). What I would
like to do now, is validate attributeCertificates
I tried using the same approach as the CRLs
ldap query;
This is a non-authenticated attribute. i.e. it's not
signed and can be changed by the user without changing
the certificate signature.
Wrong. *Everything* in a certificate is signed.
Don't you hate it when you're wrong. Was confusing myself
with S/MIME and M$'s certificate
I recently setup my ApacheSSL Server with all the latest stuff,
modssl2.8.0 apache 1.3.17 and openssl 0.9.6. I am getting an input/output
error when connecting to my https server with netscape 4.73. When i use
internet explorer 5.5, i dont get any connection errors. I have attached
my log files
ignore it - test only
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
P.S. Anyone know where the X.509 V3 spec can be found (without
having to purchase all $92 of it from ansidocstore which seems
a little excessive particularly as I've already got the '88 spec)?
Hoyt Kesterson, one of the editors, and Groupe Bull have been making
pre-publication drafts
Hi,
Tomcat use SSL directly, I use the keytool of the JDK to generate the
key pair and a self certificate.
I need to generate certificates for clients but the browser says that if
have to be in the format PKCS12.
For the keytool I specify a keystore type at the command line, via the
-storetype
Hi,
I'm wondering if anyone can shed any light on a problem I'm having with
Outlook Express? Apologies for posting a load of debug output to the
list, but I didn't really know what was safe to omit.
I'm trying to setup secure IMAP, using stunnel (stage 2 is to go for
secure SMTP as well,
On Wed, Feb 14, 2001 at 09:24:46PM +, Tim Small wrote:
I'm wondering if anyone can shed any light on a problem I'm having with
Outlook Express? Apologies for posting a load of debug output to the
list, but I didn't really know what was safe to omit.
I'm trying to setup secure IMAP,
Hi,
I have 2 clients applications to send https request to 2 different web
server. My first client run on Linux Red Hat 7 and send https request to
IIS 4.0 web server on an NT 4.0 Server and my second client run on NT
4.0 Server and send https request to Apache web server on a Linux Red
Hat 7
Hi -
I am working on a perl SSL wget type program, and I have a few questions
regarding certificate authentication. I am sorry if these are silly
questions; I have been trying to find documentation for quite some time and
cant seem to find anything. So my questions are, basically, how do I set
Hello,
I have a problem for which I found no real solution in the manual or the
list archives.
The basic idea is to encrypt data using RSA_private_encrypt and retrieve it
using RSA_public_decrypt. For RSA_private_encrypt, I set flen to RSA_size()
to encrypt just one block and decrypt it
Just a guess, but a fairly educated one, try setting flen to 1 byte (or even
1 bit) smaller than the key. What I suspect is happening is you are
sometimes trying to encrypt values that are larger than the modulus so
you're getting a modular reduction of the value encrypted.
Hi, I'm new to openssl. I tried to distribute some certs. So
what I supposed to do are,
1. became a CA. to generate a self-signed cert
2. generate a cert request and use the CA cert to sign this
cert req.
But how to do that by CA.pl. some cmds are a little bit
confusing for me. Any idea?
Hi,
I got a few questions about ciphering suites. Please help if you know the
answers.
- Are the list of cipher suites supported in TLS v1 and SSL v3 identical?
Like RSA_WITH_RC4_128_MD5 are being used in both protocol?
- Also, I checked the tls1.h in Openssl's include directory and found
I triad to compile openssl source code in AIX 4.3.3 Compiler version of
3.6.6 and also triad compiling with gcc.
In both cases I got the following error.
rm -f openssl
cc -o openssl -DMONOLITH -I../include -O -DAIX -DB_ENDIAN -qmaxmem=16384
openssl.o verify.o asn1pars.o req.o dgst.o dh.o
Hi everybody,
I am using the DH algorithm to produce a symmetric key (based on DSA private
and public keys).
There was no problem on Linux and Windows platforms as long as I had a
random device.
On Solaris platform, the routine DH_generate_key(dh) fails, because there is
no random device (and the
If all you're callling is DH_generate_key(...) then it should create
different keys. That function call only generates the public and private
keys. What you need to do is:
DH_generate_parameters(...)
transfer the parameters between machines so that they are both working in
the same field
Of course I'm calling the DH_compute_key(...) after sharing the DH public
key both sides.
The symmetric keys are already produced successfully on Windows and Linux.
Thanks, Ohad.
-Original Message-
From: Joseph Ashwood [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 14, 2001 6:14
Most likely these will sound like really stupid questions, but honest
they're the same questions I've had to ask myself to find the answers. Have
you verified that the parameters used by both sides are the same? Have you
verified that the public key is transferred correctly? I'm just trying to
Hi Joe.
All the basic stuff you mentioned is implemented right.
It is already *WORKING* on Linux and Windows platforms without any problems.
I encounter this problem probably because Solaris does not support random
device !!!
The manual seeding of the PRNG probably cause this problem (symmetric
"Bruker, Ohad" wrote:
Hi Joe.
All the basic stuff you mentioned is implemented right.
It is already *WORKING* on Linux and Windows platforms without any problems.
I encounter this problem probably because Solaris does not support random
device !!!
The manual seeding of the PRNG probably
I have openssl-0.9.6, egd-0.8 and prngd-0.9.3 installed on Solaris 2.6.
The imap and pop services seem to be working with ssl OK, and I was able
to generate test certs/keys etc. so I'm assuming egd and prngd are working.
In debugging some other stuff, I attempted to use openssl s_client ...
I
hello
whenever i search for documentation i get into
www.openssl.org/docs which no explaination of
library functions and error codes. so please
inform where to find the documentation.
thanks in advance
Do You Yahoo!?
Get
When using the OpenSSL to generate RSA keys, there is
a parameter "e-value", which can be either 0x10001 or
0x3. I have read some articles of RSA, but none of them
refer such a parameter, are there some body can tell me
what does this "e-value" do while generating RSA keys.
Any help are
I tried :
./openssl genrsa -des -out ca.key 2048
After I changed MIN for passphrase to 0 in openssl.cnf
No luck.
It still asks for passphrase and seeks a minimum of 4 chars. Since I
wondered where this 4 came from, I looked around.
I might be wrong, but it seems to make a call to
From: "Sandipan Gangopadhyay" [EMAIL PROTECTED]
sandipan I tried :
sandipan ./openssl genrsa -des -out ca.key 2048
sandipan After I changed MIN for passphrase to 0 in openssl.cnf
sandipan
sandipan No luck.
I don't get this! What exactly do you think encryption with no
(or 0-length)
42 matches
Mail list logo