Hi,
We are using openssl 0.9.6 on HP-UX 10.20.
The two compilers that can be used is cc and gcc.
I would like to use aCC (01.27) with the new standard c++ library (with
switches -AA -D_RWSTD_MULTI_THREAD)
I have succeded in building everything with gcc, but the libraries
wouldn't be compatible
You are misinterpreting the meaning of BIO_should_retry(). What it is
telling you is that you should wait until a certain condition is
satisfied on the underlying transport (SOCKET in this case) before you
retry. You can retry immediately but that is likely to be inefficient.
Is it
Marcus Carey a crit :
Can
someone explain the following warning?Client-SSL-Warning:
Peer certificate not verifiedActivePerl
623Windows IIS 5.0Windows
2000 ServerCrypt-SSLeay
from Activestate repositoryMarcus
Hi !
This should be a warning due to the verification of the Server Certificate
Thanks Lutz,
I'm incorporating OpenSSL into a web browser and what I'm really after is a behavior
similar to the other browsers around i.e. when an untrusted site is visited the user
is warned but also gets the option to 'install' the received server certificate so
that the next time the site
On Wed, Apr 04, 2001 at 10:03:27AM +0100, Graeme English wrote:
I'm incorporating OpenSSL into a web browser and what I'm really after is a behavior
similar to the other browsers around i.e. when an untrusted site is visited the user
is warned but also gets the option to 'install' the received
On Wed, Apr 04, 2001 at 10:45:24AM +0200, Janne Blomqvist wrote:
We are using openssl 0.9.6 on HP-UX 10.20.
The two compilers that can be used is cc and gcc.
I would like to use aCC (01.27) with the new standard c++ library (with
switches -AA -D_RWSTD_MULTI_THREAD)
I have succeded in
I've written a document as part of my own openSSL notes that describes
how to code an SSL client and server using the openSSL libraries. It's
a bit noddy but it does the job.
These might be useful for people just starting (I know I was looking for
such a document when I started), so if you
Hi all,
are there openssl commands to generate a certificate revokation request?
Is the command
openssl x509 -x509toreq -signkey key.pem -in cert.pem -out
cert.req
a possible candidate?
Has a certificate revokation request a given format? Where is that
described? Where can I get
From: Janne Blomqvist [EMAIL PROTECTED]
jebl We are using openssl 0.9.6 on HP-UX 10.20.
jebl The two compilers that can be used is cc and gcc.
jebl I would like to use aCC (01.27) with the new standard c++ library (with
jebl switches -AA -D_RWSTD_MULTI_THREAD)
jebl I have succeded in building
On Wed, Apr 04, 2001 at 12:14:48PM +0200, Richard Levitte - VMS Whacker wrote:
I've never heard of aCC before, so I haven't tried it, and it hasn't
been reported here that I can remember. I'm curious to know what
exactly -AA does that makes those object files different...
Many years ago HP
Hi,
aCC or aC++ is HP's C++ compiler. The RogueWave Standard C++ Library 2.2.1 is
bundled with HP aC++ 01.27. To use it you have to specify -AA, include paths are
changed to include_std and libraries are libstd_v2 and libCsup_v2. The macro
-D_RWSTD_MULTI_THREAD is used instead of -D_THREAD_SAFE
From: Janne Blomqvist [EMAIL PROTECTED]
jebl aCC or aC++ is HP's C++ compiler. The RogueWave Standard C++
jebl Library 2.2.1 is bundled with HP aC++ 01.27. To use it you have
jebl to specify -AA, include paths are changed to include_std and
jebl libraries are libstd_v2 and libCsup_v2. The macro
Tat,
Well, did you write the client and put such a check in?
That is what clients such as IE and Netscape do. These clients check the CN
of the cert (and maybe the subjectAltDNSName??) to verify that it matches
exactly what the user typed in. For example, if I type into IE
On Wed, Apr 04, 2001 at 01:36:21PM +0200, Richard Levitte - VMS Whacker wrote:
From: Janne Blomqvist [EMAIL PROTECTED]
jebl aCC or aC++ is HP's C++ compiler. The RogueWave Standard C++
jebl Library 2.2.1 is bundled with HP aC++ 01.27. To use it you have
jebl to specify -AA, include paths
What version of SSL is the client using using? I've had this problem
before, and there are other mails in the archive which describe this error,
when a "broken" server cannot perform SSL version negotiation properly, i.e
if your client is using SSL version 23. Hardcoding the version to 2 or 3
try look at CMC (RFC ) and CMP/CRMF (RFC 2510 / 2511)
Martin
Hi all,
are there openssl commands to generate a certificate revokation request?
Is the command
openssl x509 -x509toreq -signkey key.pem -in cert.pem -out
cert.req
a possible candidate?
Has a certificate
[EMAIL PROTECTED] 04/04/01 10:32:37
As you say if I the peer sends the certificate chain then the verify error changes
to X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, but I don't think this is the behavior I
need (also its up to the web server whether it sends the chain, I believe)
No, it is not
Hi,
I am new to crypto.
I have to support PBKDF2 of PKCS #5 v2.0 in one of my projects. Would I be able
to get free implementation for the same?
Is SHA_1 is different from HMAC with SHA_1?
Could somebody guide me how to use SHA_1 of openssl?
Is there any pointer that would through some light
On Wed, Apr 04, 2001 at 02:37:23PM +0100, Graeme English wrote:
I mentioned this since previously I had not defined SSLCertificateChainFile in my
httpd.conf (apache , mod_perl) and when I did the following (excuse the hack!)
STACK_OF(X509) *cert_chain = (struct stack_st
Filipe,
I have successfully implemented some opensSSL with Windows NT. The
problem you are describing could be due to:
1) The client rejecting the server cert because it does not trust it.
2) The server not sending the client a list of recommended CA's
3) The server cert not having the same
At 10:47 AM 4/4/01 +0100, you wrote:
I've written a document as part of my own openSSL notes that describes
how to code an SSL client and server using the openSSL libraries. It's
a bit noddy but it does the job.
These might be useful for people just starting (I know I was looking for
such a
opensslreq
-in pkcs10receivedfromclient.csr
-config configfilewithDN.cnf
-out pkcs10withNewDN.csr
is ignoring the DN in the config file.
The pkcs10receivedfromclient.csr has "DC=COM"
and configfilewithDN.cnf has
[ req ]
...
distinguished_name = req_distinguished_name
[
The only problem is that the last couple of bytes which should be
transmitted are not; an error occurs. My `server' log shows:
error while reading SSL socket from 127.0.0.1: error:1408F10B:SSL routines:SS
L3_GET_RECORD:wrong version number
reached sclose() with SSL
The `client',
Hi
I am trying to use the openssl product in an application I am writing using
MS VC6. I am also using the stl.
When I try to compile my project, I get the following errors:
d:\openssl-0.9.5a\inc32\openssl\bn.h(411) : error C2955: 'modulus' : use of
class template requires template argument
Marcus Carey wrote:
Can someone explain the following warning?
Client-SSL-Warning: Peer certificate not verified
ActivePerl 623
Windows IIS 5.0
Windows 2000 Server
Crypt-SSLeay from Activestate repository
Sorry for not getting back sooner, but its been a hard
week. I'm the
Jeeva Chelladhurai wrote:
Hi,
I am new to crypto.
I have to support PBKDF2 of PKCS #5 v2.0 in one of my projects. Would I be able
to get free implementation for the same?
PKCS#5 v2.0 is supported by OpenSSL, indeed it was used to generate the
test vectors using on RSAs site. Check
Hi,all
before i comple the openssl,i use the vcvars32.bat in the directory D:\Program
Files\Microsoft Visual Studio\VC98\Bin
but it tell me that out of the environment space,what shoud i do !And another question
,i want to know how I.E support ssl.Do i need make any changes about I.E?
thank
Hi,
I was looking for some function like following;
time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
and I found that this function is in #if 0 /* */ #endif
The reason is specified there, but its not clear.
Can someone give a better idea of this.
And which functions I use for following needs:
1.
28 matches
Mail list logo