Have a look at the -pubout option of the "openssl rsa" command.
-Original Message-
From: Satish Krishnan [SMTP:[EMAIL PROTECTED]]
Sent: Monday, April 09, 2001 3:28 PM
To: [EMAIL PROTECTED]
Subject: public key
hi
i have generated a private key using rsa with openssl.how do
Hi,
first check if your existing cert is allowed to act as a CA cert. Print
the
cert details with "openssl x509 -text -in your cert.pem". If your
cert is
not yet in PEM format, add "-inform DER" to the above. In the resulting
output
check for lines like these:
X509v3
extensions:
X509v3
You can also use the DOS "SHELL" command to increase environment space.
Details can be gathered from a DOS 6.0-6.22 machine. Windoze doesn't have
any information on it, AFAIK.
-
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road,
On Sun, Apr 08, 2001 at 05:24:35PM +0200, Christian Biesinger wrote:
I have another wish:
Would it be possible for the smime application to return another error
if no signature can be found?
This is because for a program (which knows nothing about S/MIME) a
message which is encrypted looks
Hello!
I'm a question about BIO.
How I build a BIO from an byte array?
For example,
byte [] array=...
BIO *pp= funcion( array);
How I get an array of byte from a BIO ?
byte [] array = function ( BIO );
Thanks in advance,
Regards,
Antonio.
--
You might be interested in the EGD (Entrophy Gathering Daemon) project. It's
a perl based daemon that sits in the backgroud and does what it's name
suggests. Programs can communicate with it trhough unix or tcp sockets...
Have a look at openssl's RAND_egd(3) manpage and EGD's homepage
Hello SSL-users,
I'm running Apache-SSL under Solaris 2.7 and
installed a second certificate / virtual ssl-server.
For this server, some Browsers fail
to connect to the ssl-server and the server logs say
[Mon Apr 9 14:18:55 2001] [error] SSL_accept failed
[Mon Apr 9 14:18:55 2001] [error]
Hi,
I want to write code that, given an x509 certificate, will generate a
certificate request with the exact same details (common name, organization,
serial number, validity etc.), only using my public key instead of the
original one.
How can I do this?
Thanks,
Eytan Segal
Sorry the commands would be to output as text of a certificate:
openssl x509 -in cert.pem -out text.pem -text
Then push the DN into a hash
Make a temp config.cfg file
Create a request using the config file
openssl req -config config.cfg -new -keyout request.pem -out request.pem
Then sign the
Not to worry - I'm used to wearing a helmet and asbestos jumpsuit... :)
Under Solaris, there is no /dev/random or /dev/urandom. There are a number
of substitutions. The default for OpenSSL is to use a PRNG (Pseudo Random
Number Generator) script. You have to edit it sine they do a poor job of
A more efficient way to decode a client certificate is to setup certificate
authentication on your server, use your certificate to enter it, send the
variables to cgi then pull out the $ENV{'SSL_CLIENT_S_DN'} variable and
create your certificate request from there.
Eytan Segal wrote:
Thanks, but not good enough :-(.
I'm after the code for performing this in one stroke (and with reasonable
efficiency) - without running openssl exe and manipulating files.
Well in outline
Read the certificate into an X509 structure.
Extract the DN into an
[EMAIL PROTECTED] wrote:
Hi all,
I am trying to generate an RSA keys pair and extract it to an (RSA *) which will
reprensent the public key and another (RSA *) for the private key part.
I am doing (based on demos/eay/loadrsa.c)
RSA *rsa,*pub_rsa,*priv_rsa;
int len;
unsigned char
Hello,
I have quite strange problem.
I wrote an appication which creates SMIME encrypted mail.
It is possible to read it with Netscape 4.76/4.77 on Linux, but Netscape 4.76
for Windows refuses to read it. As well as all flavours of MS Outlook
[Express].
Could some one on the list help me
You can also download the ANDIrand pkg for Solaris 2.5.1 - 2.8 SPARC
as well as 2.5.1 - 2.8 x88pc. This supports /dev/random and dev/urandom.
Works like a champ:
Author: Andreas Maier
URL: http://www.cosy.sbg.ac.at/~andi/
- Wally Winzer Jr.
Michael Sierchio wrote:
Scott Armstrong wrote:
Hello I have installed and configured openssl on my
linux box (redhat 6.2). Everything went fine now I
need to know how do I connect remotly from my NT
workstation?
I have seen with SSH that there is something called
putty but not sure what my next step is.
My goal is to be able to transfer
Hi!
I've been pouring over the online documentation somewhat, but I'm afraid
that I've been running in circles and I'm hoping that someone can give
me a clue or point me in the right direction.
My ultimate goal is to get the openssh client to authenticate to a
server using a private key (DSA
Date sent: Mon, 09 Apr 2001 14:52:57 -0400
From: Gila Monstre [EMAIL PROTECTED]
Organization: Gemplus
To: [EMAIL PROTECTED]
Subject:pem/bio/evp help
Send reply to: [EMAIL PROTECTED]
Gila
Convince your company
From: Michael Sierchio [EMAIL PROTECTED]
kudzu (This should be in a FAQ)
kudzu
kudzu SUNWski SKI 1.0 Software (User Package) installs a /dev/random for
kudzu Solaris.
It is :-)
http://www.openssl.org/support/faq.html#USER1
--
Richard Levitte \ Spannvgen 38, II \ [EMAIL PROTECTED]
Hmmm... perhaps I'm asking the wrong
question.
What I want to appear in the certification path
when I double click on the padlock in IE is the tree: thawte, then the
certificate signed by thwate then the certificate that I've made.
Do you understand what I mean?
I've done this before,
Hi,
At the bottom of the man page for CA.pl, it mentions about DSA certificates.
How is it different from the RSA certificates? Where can I find more
information about it?
Thanks
Patrick
__
OpenSSL Project
I am looking for the Encryption, Authentication and Access control
algorithms for OpenSSL and Apache. Could you assist or point me in the
direction I need to be looking. I am running RedHat but they dont seem to
know what I am asking for. Thanks in Advance. WBL
DSA is a signature-only encryption scheme. If you don't know all about
it, then you don't need it, and can ignore it. Honestly.
/r$
__
OpenSSL Project http://www.openssl.org
User Support
Help:
1. Does someone know how to use the client certificate vefiry callback as:
SSL_CTX_set_cert_verify_cb
SSL_CTX_set_client_cert_cb
2. I want to use change the ssl stucture state which comes from SSL_new(ctx),
where the ssl is first set as
SSL_set_verify(ssl,SSL_VERIFY_PEER,verify_cb)
Help:
In the communcation process with a secure web server,when the user choose to trust the
server,i want to make reset the ssl's state by
SSL_set_verify(ssl,SSL_VERIFY_NONE,NULL),or
SSL_set_verify(ssl,SSL_VERIFY_PEER,verify_callback)
but the ssl do as before,not do what i want it do reverse.
25 matches
Mail list logo