Many packages that handle keys and certificates refer to 'PEM format'. I
have observed that this usually means that a DER formatted ASN.1 object is
base64 encoded, and then placed within encapsulation boundaries (EBs) eg.
-BEGIN CERTIFICATE- and -END CERTIFICATE-.
I know that the
Gary Chen wrote:
>
> Hello openssl-users,
>
> Why I can't convert the cert to pkcs12 except the private key ?
> I wanna only export my personal cert and CA cert to a pkcs12 file
> for SecureEmail(S/MIME).
> But I don't know how to do that. I usd the command:
> openssl pkcs12 -inkey my.
Hello openssl-users,
Why I can't convert the cert to pkcs12 except the private key ?
I wanna only export my personal cert and CA cert to a pkcs12 file
for SecureEmail(S/MIME).
But I don't know how to do that. I usd the command:
openssl pkcs12 -inkey my.key -out my.p12 -export -certfile
WinPcap came in handy for me at one stage, you might find some tools here:
http://security.oreilly.com/news/securingnt2_1200.html
Chet
-Original Message-
From: Martin Witzel [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 13, 2002 2:59 AM
To: [EMAIL PROTECTED]
Subject: Re: Net::SS
Jean-Luc Cooke wrote:
>
> Greetings,
>
> I am searching for the standards document outlining the process an email
> client say, downloads a certificate for encryption.
>
> Alice wants to send Bob an S/MIME email using "openssl smime", how
> does she get his cert?
>
The usual way is that Bob h
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
From: "Zamangoer, Ferruh" <[EMAIL PROTECTED]>
Subject: AW: OpenSSL version
Date: Thu, 14 Mar 2002 11:24:51 +0100
> Does it mean that the SSL accelerator is an software, which accelerates SSL
> Connections.
No. not a software, but a hardware. For ex
Greetings,
I am searching for the standards document outlining the process an email
client say, downloads a certificate for encryption.
Alice wants to send Bob an S/MIME email using "openssl smime
", how
does she get his cert?
RFC numbers and URLs would be ideal.
Thank you can please keep up t
Hi everyone,
I've got a few products that use openssl. A web server, an Imap server
and a pop server. The problem is that the Applications say to go to the
openSSL docs for information and the OpenSSL docs are not application
specific. I have the Apache server integrated with mod_ssl and have
g
hi,
I'm a little lost right now, haven't played with certs too much ... well I
need some help.
here is what I need:
- Load a CA from file (later it will be hard coded)
- Generate Cert, using same fields as FILE CA but diff hostname
- Sign the new Cert with loaded CA
How can I do it ? Any examp
Mads Rasmussen wrote:
>
>
> I was reading the guide:
>
> "SSL Certificates HOWTO" by Franck Martin and tried setting up a CA,
> created a CA cert, a user cert and then I would like to try to revoke my
> user cert
>
> Just to test.
>
> The guide says:
>
> Openssl -revoke usercert.pem
>
> How
Title: RE: SSL_pending() and SSL_ERROR_WANT_READ
Bodo,
Since s->rstate is set to SSL_ST_READ_HEADER prior to record decryption and decompression, wouldn't SSL_pending() still incorrectly indicate that there is data ready to be read in cases where either of these fail?
John Hughes
Software E
I was reading the guide:
"SSL Certificates HOWTO" by Franck Martin and tried setting up a CA,
created a CA cert, a user cert and then I would like to try to revoke my
user cert
Just to test.
The guide says:
Openssl -revoke usercert.pem
However this command seems to have disappeared fro
On Thu, Mar 14, 2002 at 09:53:22AM -0800, Randy Bias wrote:
> The situation:
>
> - Running openssl-0.9.6b, apache-1.3.22+ssl, prngd-0.9.23.
> - Attempting to created self-signed cert for Apache-SSL
> server.
> - prngd is running:
>
> root 569 1 0 Mar 12 ?
Anyone know where I can look for Assemler code for MD5
and DES/3DES for a MIPS 2 RISC processor?
Thanks,
AH
__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/
___
John Hughes <[EMAIL PROTECTED]>:
> I can confirm: There is a discrepancy between the SSL_pending()
> manpage and the source. SSL_pending() returns rrec.length in
> ssl3_pending() (as of 0.9.6a, we also verify that the SSL record
> being processed is application data, else zero is returned). Thi
Title: RE: SSL_pending() and SSL_ERROR_WANT_READ
Hi John, Lutz,
Thanks for your reply. I can reproduce the
SSL_pending() reporting non-zero but immediate call to SSL_read() returns
WANT_READ. Since SSL_read() will not
block when using nonblocking socket, we should be safe to not rely on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gentlepeoples,
I'm sure this question has been asked many times, but unfortunately,
I can't seem to find any very good information on the subject. I've
looked at openssl sites/FAQs, apache-ssl, and others, but it's just
plain missing. So
Hello all! I have recently downloaded and compiled successfully
openssl-0.9.6c for Solaris 2.6. Or at least that is what the messages
tell me. However, when attempting to compile openssh-3.1p1.tar.gz I get
the following error:
cofnigure:7868 error: Could not find working OpenSSL library, ple
Common wisdom on this topic seems to be that you should
handle the I/O in your own code and use BIO pairs to do the
handshake/encryption/decryption.
If you search the list archives for the keyword "overlapped"
or "completion port" you will find a couple of good
descriptions of what to do.
Daryl
Just want to say thanks to all for the help getting my IIS server to accept
my self signed CA.
Here is a script to create user certs.
# This script takes html form data and generates a pem encoded certificate
reque
st.
#created by Tom Hash
MAIN: {
require "cgi-lib.pl";
use Expect;
#read in al
On Wed, 13 Mar 2002 [EMAIL PROTECTED] wrote:
> Hello,
>
> I am trying to use the OpenSSL library to pull the RSA key material from a
> known RSA key pair. What I would like to get is the private key material,
> the public modulus, and the exponent in BER or DER format.
>
> Any ideas, help in the
Hi Micheal,
the option to configure are:
Configuration Options
-
There are several options to ./config (or
./Configure) to customize
the build:
--prefix=DIR Install in DIR/bin, DIR/lib,
DIR/include/openssl.
Configuration files used by OpenSSL
will be i
Afer generating your private key, try
openssl rsa -in /php_data_priv.key -pubout -out /php_data_pub.key
The file "php_data_pub.key" will contain the public part of the key only.
Cheers,
Steve
> Hi,
>
> I want to make use of public key encryption
> in my program, but I do not know how to generat
Title: RSA key material in BER format
Hello,
I am trying to use the OpenSSL library to pull the RSA key material from a known RSA key pair. What I would like to get is the private key material, the public modulus, and the exponent in BER or DER format.
Any ideas, help in the right direct
Hello all! I have recently downloaded and compiled successfully
openssl-0.9.6c for Solaris 2.6. Or at least that is what the messages
tell me. However, when attempting to compile openssh-3.1p1.tar.gz I get
the following error:
cofnigure:7868 error: Could not find working OpenSSL library, ple
The engines are all vendor specific today... There has been some work to
bring a PKCS#11 "engine" in Look in the mailing list archives for
posts from adnovum...
Eric Gilbertson wrote:
>
> Richard:
>
> I thought that the engine used PKCS#11 to interface to HSMs. In this
> case it should b
On Thu, 14 Mar 2002, Frank Geck wrote:
> Vadim,
> Is that because those members in the structure are not propulated? What
> is the issuer info? Is this the common name of the recipients? I don't
> think so. This is just the serial number of the cert and the issuer so you
> could if you ha
i've installed openssl in solaris os version 5.7, and when
i run the make test the ./randtest is blocked?
Any idea?
Thanks!
_
Le journal des abonnés Caramail - http://www.carazine.com
Hi,
I want to make use of public key encryption
in my program, but I do not know how to generate
the public key that will be used to encrypt the data.
Can you tell me how to do that.
I use the following to generate the private key:
openssl genrsa -rand /var/log/messages -out /php_data_priv.key
Richard:
I thought that the engine used PKCS#11 to interface to HSMs. In this
case it should be able to work with any PKCS#11 compatible device.
Your comment implies though that the engine interface is vendor
specific. Can you clarify?
TIA,
Eric Gilbertson
[EMAIL PROTECTED]
At 01:37 PM 3/14/
1. Will OpenSSL work with Windows Asynchronous Sockets?
2. I mean, will the WSAAsyncSelect()... work when using ssl?
I am halfway in implementing the asynchronous sockets in my project...
so it won't be a disaster to switch to another method...
3. Can anyone give me advice what is the best method
Vadim,
Is that because those members in the structure are not propulated? What
is the issuer info? Is this the common name of the recipients? I don't
think so. This is just the serial number of the cert and the issuer so you
could if you had all the certs on each machine find all the recie
32 matches
Mail list logo
