Hi
I am trying to understand the method of generating key pais with
openssl.
The command
openssl genrsa -des3 -out ca.key 2048
gives me a file ca.key that looks something like this.
-BEGIN RSA PRIVATE KEY-
Message rejected as SPAM by ANT
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL
hi,
when you send an user cert in a browser, which content-type do you use ?
i found several times that the x-x509-user-cert type was not in the registry and
i had to write a .reg file like this
--
REGEDIT4
[HKEY_CLASSES_ROOT\MIME\Database\Content
thanks for all the help everybody,but now i'll get path errors,i will download
somewhere the libs i don't have the time to play around with perl and ...
That is what i get if i call do_ms
C:\Encyrypting\openSSL\toolkit\openssl-engine-0.9.6b\msperl util\mkdef.pl 32 ssleay
1ms\ssleay32.def
The
Here's what I did:
from openssl dir:
perl util\mk1mf.pl VC-NT dll ms/ntdll.mak
then nmake -f ms\ntdll.mak
If you look in ms\README, it tells you this; in a kind of
cryptic-around-the-houses type way.
Tat.
thanks for all the help everybody,but now i'll get path errors,i
will download
Hi everybody,
I have terrible problems with SSL. Our mail server, which uses OpenSSL, collects
private
bytes, and I believe, that
I am doing something wrong with the function calls, which free the SSL objects.
So I am asking, which is the right order to call the dealloc functions. Currently I
Hi ,
I have problem adding a dns name in my CSR. I try to put it in the
x509v3_extensions field of openssl.cnf file and generate a CSR. But once
I create my certificate there is no subjectAltName field.
[ X509v3_extensions ]
nsCertType = 0x40
subjectAltName =
[EMAIL PROTECTED] wrote:
thanks for all the help everybody,but now i'll get path errors,i will download
somewhere the libs i don't have the time to play around with perl and ...
That is what i get if i call do_ms
C:\Encyrypting\openSSL\toolkit\openssl-engine-0.9.6b\msperl util\mkdef.pl 32
Yes thank you all,i'm on the way already to get some glasses ;)
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
Hello,
If you have a signing hierarchy of A signs B, B signs C, and C signs D, so
that A is your root CA and D is the end user certificate. If I want to
check that D is signed by A, does that mean that intermediate signers B and
C also have to be present in the certificate stack, or what
A, B and C need to be available to the certificate verification process
if you wish to check that D was signed by C, which was signed by B,
which was signed by A.
-Original Message-
From: Tat Sing Kong [mailto:[EMAIL PROTECTED]]
Sent: 10 December 2001 17:01
To: Openssl-Users@Openssl.
I compiled OpensSSL 0.9.6b on Solaris 2.7 successfully.
When I now try to compile OpenSSH (specifically ./configure) I get the
following error:
checking for OpenSSL directory... configure: error: Could not find working
OpenSSL library, please install or check config.log
Are you able to tell
On Mon, Dec 10, 2001 at 12:08:51PM -0500, Hardej, Andrew wrote:
I compiled OpensSSL 0.9.6b on Solaris 2.7 successfully.
When I now try to compile OpenSSH (specifically ./configure) I get the
following error:
checking for OpenSSL directory... configure: error: Could not find working
It's not REQUIRED that all certs in the chain be there, but it will
probably be useful -- at least the first time. :)
Would this be a hassle if you have a root CA with a lot of intermediate
signers? That means that you have to store/locate all possible intermediate
signers to evaluate a
Would this be a hassle if you have a root CA with a lot of intermediate
signers? That means that you have to store/locate all possible intermediate
signers to evaluate a couple of end user certificates.
This is why PKCS12 (iirc) provides a mechanism to provide intermediate
certs with the
Hi all,
I wrote a client which should exchange its cert with the server during the SSL
handshake.
My client gets the server certificate but the server doesn't get the client crtificate.
Can someone help me to fix the problem at the following source lines ?
The client side:
...
ssl =
Hi,
I just recently joined the OpenSSL world
to implement EAP-TLS, rfc2716, using OpenSSL libraries.
I could not make any significant progress for the last one week
due to lack of documentation on ssl libraries and
request your help.
EAP-server handles all the transformation of TLS-messages.
As far as I understand it, the server will not ask the client for a
certificate unless you explicitly tell the server to do so:
e.g.
SSL_CTX_set_verify() with the SSL_VERIFY_PEER flag set.
Pascal
- Original Message -
From: Shlomi [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday,
Title: Mail
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Title: Mail
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Solved.
-Original Message-
From: Hylton Tregenza
Sent: 10 December 2001 04:06
To: [EMAIL PROTECTED]
Subject: Generating openssl keypair.
Hi
I am trying to understand the method of generating key pais with
openssl.
The command
openssl genrsa -des3 -out ca.key 2048
gives me a file
Message rejected as SPAM by ANT
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL
22 matches
Mail list logo