config

hi!   I have a problem while trying to sign a client public key:   I get an error that looks like this:   ./demoCA/cacert.pem: No such a file or directory trying to load CA cetificate 835:error:02001002:system library: fopen: No such a file or directory: dss_file c:245:fopen c:/demoCA/cacert.

Machine Certificate??? (From Rakesh R)

Hi everyone,   I'm quite new to this domain. I need an explanation on the difference between the personal certificates and machine certificates.  By machine Certificates, I think it denotes either SSL client or SSL server certificates it raises another question: does machine certif

Machine Certificate (From Rakesh)

Title: Machine Certificate (From Rakesh) Hi, I'm quite new to this domain. I need an explanation on the difference between the personal certificates and machine certificates.  By machine Certificates, I think it denotes either SSL client or SSL server certificates it raises another qu

Re: how does server get client certificate?

George Check out the following link. http://www.openssl.org/support/faq.html#PROG10 Call the SSL_CTX_set_verify() function with SSL_VERIFY_PEER mode. Marcus - Original Message - From: "George Lind" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 19, 2001 12:23 PM Subj

Client mode vs. Server mode and combined...

I haven't done a lot with SSL before, but most of the interfaces in openssl seem reasonably straightforward and I have gotten some basic examples and test cases up and running. My question pertains to SSL methods ( SSL_METHOD ) and the difference between the different methods. I would like to kn

RE: yet another newbie: SMIME sign corrupting messages with multipleattachments : Use Outlook instead of SMIME

Wim, Thanks for you tip, I am going to try it out when I get the monkey off my back. I have done a workaround for now and am not using opensll, but using outlook200 to send the mails, but using a perlscript to send them. Here is the example code : Of course the outlook is being used to sign all

Re: win32 compile failed

***replied to -users you gave the no-*** to the wrong Perl script. You have go inside of the ms\do_masm.bat file and find the lines that call the perl script mk1mf.pl. Add the no-idea no-des to those lines. You might want to make a copy of the do_masm.bat file first. See if that works better.

certificate / privatekey passing

I think I just verified that my certificate is sane. At the suggestion of a co-worker, I prompted for my certificate private key password to verify it was right with: ./openssl pkcs8 -in ~me/theoneinquestion.cert -inform PEM It prompts with: Enter Password: and providing the known password y

Windows NT?

Can i install OpenSSL on an NT Box? If so where do i get a copy for NT. TIA, dylan __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automat

how does server get client certificate?

What function calls does a server have to make if it wants the client to send its certificate? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: Linking problem on HP

On Thu, Apr 19, 2001 at 01:35:13PM -0400, Monique Mandala wrote: > /usr/ccs/bin/ld: Unsatisfied symbols: >X509_NAME_oneline (code) >SSL_accept (code) >RAND_seed (code) >SSL_set_fd (code) >SSL_library_init (code) >ERR_get_error (code) >SSL_CTX_set_verify (code) > etc. >

Linking problem on HP

I have written a Server program that works on NT and AIX, but when I install openssl on HP and try to run the compile script, I get the following error message: /usr/ccs/bin/ld: Unsatisfied symbols: X509_NAME_oneline (code) SSL_accept (code) RAND_seed (code) SSL_set_fd (code) SSL_l

OpenSSL and MacOS (pre-OS X)

I downloaded OpenSSL 0.9.6a, which has a MacOS folder in it. I had to do a fair bit of tweaking, and I'm still not getting all targets built; but I did get the "Roy's GetHPPTS" project running. I've successfully grabbed a couple https files, but the one compiled into the program

Re: X509_REQ_to_X509 has a bug ?

Thank you Vadim. I thought that by freeing with EVP_PKEY_free, only the EVP format is freed, and the RSA stays untouched. Thanks again. andras Vadim Fedukovich <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 04/19/2001 07:41 PM Please respond to openssl-users                 To:      

Re: X509_REQ_to_X509 has a bug ?

Andras, you may want to handle private key some other way, namely dont free() it. hope this helps, Vadim On Wed, 18 Apr 2001 [EMAIL PROTECTED] wrote: > > Hi all. > I've made a function, which takes as params an x509 certificate request, > the ca's private key, and certificate, and makes a sign

win32 example error

Hi   Has anyone ever seen the one before.  Im starting from a fresh openssl install.   these are the strings i used. openssl.cnf modified to point to ca path.   openssl req -x509 -config openssl.cnf -out ..\ca\cacert.pem -keyout ..\ca\private\cakey.pem -new == ok     openssl req -new -keyou

RE: need "OpenSSL for Dummies"

The modssl manual describes in the "how-to" chapter at http://www.modssl.org/doc/2.8/ssl_howto.html how to set up apache with client certs. For CRL checking you might have to dig a little deeper in the modssl docs... Best Regards, Reiner. > -Original Message- > From: [EMAIL PROTECTED]

Re: need "OpenSSL for Dummies"

Hi You need to setup virtual host listening on port 443 and have compiled versiosion of apache with mod_ssl. For example You need to put something like this in virtual hosts httpd.conf: blah-blah for all other hosts Listen 443 DocumentRoot ServerAdmin [EMAIL PROTECTED] SSLEngine on SSLCertif

IIS and closing SSL connections

Hi, As an addendum to my other thread on closing SSL connections safely in an HTTP environment, most of my testing there was done between my own client and server. Now I start testing with IIS, and the IIS server looks like it closes the SSL connection "illegally", as my client gets SSL_ERROR_SY

Re: yet another newbie: SMIME sign corrupting messages with multipleattachments

"Dupont, Michael" wrote: > > Hello, > > This is the newest installment in the series of absolute beginner > questions about openssl. > > I have a question about using openssl smime on a file with multiple > attachments : > > We are using perl MIME::Lite to create a file with lots of attachment

RE: Closing SSL connections

Hi, Not my option, unfortunately, as we sell a toolkit for customer implementations. But I guess I have the same problem in a non-SSL environment in any case, so I have to handle it some way. G. -Original Message- From: Greg Stark [mailto:[EMAIL PROTECTED]] Sent: 19 April 2001 16:04 To

Re: Closing SSL connections

George, Do you really need to allow SSLv2? I'm curious, as I would think that by now there are almost no systems left which CANNOT use SSLv3. _ Greg Stark Ethentica, Inc. [EMAIL PROTECTED] _ - Original Message - F

[Crypt::SSLeay]problems access https 128 bit

I've got a web client using LWP working quite well. I've installed CryptSSLeay and Open SSL. I'm getting SSL access to secure sites at 40 bit without problems. I would like to connect to sites at 128 bit using the SSLv3 protocol. In this case I'm getting an error 403.5. I'm looking for any inform

RE: Memory Leaks in crypto\err.c

leaks reported by tools ususally include a lot of potential ones. That means, in the error conditions, the leaking will be possible. If you believe it, you should make every possible means to check all parametes before you make call to that function. Heyun Zheng [EMAIL PROTECTED] -Ori

Re: need "OpenSSL for Dummies"

Hi If it's the case that you are trying to install apache with openssl under linux, I think I can give you some informations. I'm basically working on the same thing and already managed to do this. Please tell me first if this is the case, because I'm only familiar with the Linux instalation. R

Memory Leaks in crypto\err.c

Hi, No man, I'm getting memory leaks in functions which get called by d2i_X509_CRL().. Bounds Checker is reporting huge leaks MBytes in funcions present in crypto\err.c I'm using openssl-0.9.6a on Windows 2000 Server, and I built it using ms\do_nt.bat Any help regarding this is appriciated.. As

RE: need "OpenSSL for Dummies"

http://www.modssl.org roberto. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 19, 2001 9:05 AM To: [EMAIL PROTECTED] Subject: need "OpenSSL for Dummies" I am trying very hard to find a good source for information on how to configure Apache

RE: Memory Leaks... in d2i_X509_CRL function...

I have used those openssl functions you mentioned and did not see any leaking. I have looked your code carefully and do not see any wrong either. Heyun Zheng [EMAIL PROTECTED] -Original Message- From: aslam [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 18, 2001 4:27 PM To: opens

need "OpenSSL for Dummies"

I am trying very hard to find a good source for information on how to configure Apache to use OpenSSL. Basically, I am trying to configure an Apache web server to use certificates and check for CRLs of the clients. Do you know of any good sources of instruction on how to configure OpenSSL? A

errors SSL

Dear [EMAIL PROTECTED], Dear Mr. Pahmp, do you get these errors with IE5.5 SP1 too? Thanx Best regards, -- Mit freundlichen Grueßen J. Alberti mailto:[EMAIL PROTECTED] Dongleware Computer GmbH Im Spitzerfeld 44-46 69151 Neckargemuend GERMANY

No Subject

    d000181700_1_s.gif

No Subject

Hi, I have managed to ompile the openssl 0.9.6 kit on a win2000 environment. 1. Is there any code sample that demonstrate how to use it whitin an http agent (As a matter of fact https agent)? 2. Will this code also work on Unix platform? Thanks in advance, Doron Tvizer www.CrediView.com ___