You can also check to make sure that the certificate that apache+mod_ssl
is trying to read is in Base64...Everytime, I get these errors, 9 times
of 10, its because my certificate is in DER format where apache is
expecting it in PEM (Base64).
-Original Message-
From: [EMAIL PROTECTED]
[mai
I believe Gregory Stark meant RFC2246.
-Original Message-
From: David Schwartz [mailto:davids@;webmaster.com]
Sent: Tuesday, November 12, 2002 4:04 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: OpenSSL and compression using ZLIB
On Tue, 12 Nov 2002 18:36:45 -0500, Gregory St
On Tue, 12 Nov 2002 18:36:45 -0500, Gregory Stark wrote:
>I believe that RFC2248 requires this behavior.
That doesn't seem to be the right RFC. Could you try again?
DS
__
OpenSSL Project
I believe that RFC2248 requires this behavior.
==
Greg Stark
[EMAIL PROTECTED]
==
- Original Message -
From: "Le Saux, Eric" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 12, 2002 1:13 PM
Subject: RE: OpenSSL and compression u
Hi Tim:
THANKS for your email.
What is TEST SERVER Program?
To make sure that this is an openssl issue, and not
your apache configuration, or the hardware that you
are using (I noticed the ssl_engine_log), try running
the test server program that is with the openssl
distribution.
Regar
hi,
i created a self signed certificate using openssl.
i want to put my ca cert into the ca-bundle.crt. how do i do
that?. i want to put it in the ca-bundle.crt obtained while
installing modssl as it helps me to manage more ca's while i send
mail from one username to another using smime tool.
To make sure that this is an openssl issue, and not
your apache configuration, or the hardware that you
are using (I noticed the ssl_engine_log), try running
the test server program that is with the openssl
distribution.
Regards,
Tim
--- Manoj Kithany <[EMAIL PROTECTED]> wrote:
> Hi Experts:
>
>
On Wed, Nov 13, 2002 at 09:20:51AM +1300, Jason Haar wrote:
> 1.> find out what charset LDAP returns in
> 2.> find a way to translate those strings into unicode
> 3.> feed the result into OpenSSL with "string_mask=utf8only"
Actually, it wasn't as hard as all that.
Instead I set "string_mask=pkix"
On Tue, Nov 12, 2002 at 02:02:33PM +0100, Dr. Stephen Henson wrote:
> This is an alighty can of worms...
>
> If you want to use OpenSSL to generate these things you can mess around with
> the config files to accept input as UTF8 and you have to arrange the terminal
> to output UTF8 sequences, or w
Manoj Kithany wrote:
> [12/Nov/2002 10:04:37 28132] [error] Init: Unable to read server certificate
> from file /usr/local/ssl/bin/public.csr (OpenSSL library error follows)
> [12/Nov/2002 10:04:37 28132] [error] OpenSSL: error:0D09F007:asn1 encoding
> routines:d2i_X509:expecting an asn1 sequence
Hi Experts:
I have Apache(with SSL) on my IBM AIX Box. I installed it using RPM.
When I run my APACHE as ssl using: "./apachectl startssl" I get following
error:
--
# ./apachectl startssl
./apachectl startssl: httpd could not be started
#
--
Hi
Is it possible to store only the private key in a p12 file and hold the
certificate and ca certificates in another p12 file?
If yes, how can I do that?
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
möglicherwei
hi
thanks a lot
pls can u explain the reason the behaviour in a little more detail
with regds
ajay kumar
Lutz Jaenicke <[EMAIL PROTECTED]> on 11/12/2002 07:06:28 PM
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:(bcc: Ajay Kumar Kasam/HSSBLR)
Subject: Re: how to
On Tue, Nov 12, 2002 at 06:53:22PM +0530, [EMAIL PROTECTED] wrote:
> the problem i'm facing is that..i have server certificate signed by the
> SubCA and SubCA's certificate signed by the
> root CA. and i just loaded server certificate in the server side using
> SSl_CTX_use_certificate_chain
Hi Everybody,
This might look very absurd.but pls look into this.
pls let know what is the importance depth that we pass in the API
SSL_CTX_set_verify_depth()
Thanks in advance
With Regards
Ajay Kumar
__
OpenSSL Projec
hi
thanks a lot for the information u shared with me.
the problem i'm facing is that..i have server certificate signed by the
SubCA and SubCA's certificate signed by the
root CA. and i just loaded server certificate in the server side using
SSl_CTX_use_certificate_chain_file()
and
i
Hi all,
I have to build openssl in Unix SCO 5.05, but I have never
compiled openssl in unix, and there is no much time left.
So, those who have experience in building openssl in Unix
SCO, would you mind help me with belowing problems?
1) Which version of openssl is the easiest to build in
Unix S
When you initialize the SSL context you can select the SSL version using the
SSL method object.
SSL_METHOD *method;
method = SSLv2_server_method();
method = SSLv2_client_method();
TLSv1
SSLv2
SSLv3
SSLv23
- Original Message -
From: "Prabha Suresh" <[EMAIL PROTECTED]>
To: <[EMAIL PROTE
On Tue, Nov 12, 2002, Jason Haar wrote:
> Hi there
>
> I want to generate certs from our internal LDAP server. We have people from
> all over the world here, and so some of these entries have 8bit chars in
> their names (shock! horror!)
>
> Now I went off and generated a cert for one "Frank Öste
Always compile the latest version (0.9.6g) - it has bug and security
fixes. Each version is an improvement on the previous one, it is not
that certain versions are designed for certain platforms. Follow the
installation instructions and use the gcc compiler if possible...
>-Original Message-
Hi all,
I have to build openssl in Unix SCO 5.05, but I have never
compiled openssl in unix, and there is no much time left.
So, those who have experience in building openssl in Unix
SCO, would you mind help me with belowing problems?
1) Which version of openssl is the easiest to build in
Unix S
At 16:51 12.11.2002 +1300, you wrote:
Now I went off and generated a cert for one "Frank Österberg" (that's an "O"
with two dots on top), and when I "vi" the PEM afterwards I see
"\xD6sterberg".
Run your PEM through
"openssl asn1parse -dump -in myfile.pem"
That will display the encoding. Post
At 16:51 12.11.2002 +1300, you wrote:
Hi there
I want to generate certs from our internal LDAP server. We have people from
all over the world here, and so some of these entries have 8bit chars in
their names (shock! horror!)
Now I went off and generated a cert for one "Frank Österberg" (that's a
Hi, Jason!
Some input, maybe it helps:
To my understanding, UTF8 would encode Ö as \xc3\x96 and Ä as \xc3\x84
"D6" is "214" is the position in ISO8859-1 of the Ouml (Ö).
So, LDAP exported iso8859-1 (or so) I suppose, and not UTF8.
(with Mozilla it could be that you use some non-iso translation)
Hi,
How can i make my cerficate/keys to work in a specified version (SSL 2.0)??
Thanks
Prabha
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTE
Hi,
I'm looking for the libCSUNSAPI.so file in order to use openssl engine
with my IBM 4758 CCA device.
Can you tell me where can I found it ???
Thanks,
Michiels Olivier
__
OpenSSL Project http://
On Tue, Nov 12, 2002 at 01:58:50PM +0530, [EMAIL PROTECTED] wrote:
> if we have scenerio where root CA gives certificates to SubCA which in turn
> gives certifcates to our server.
> what all the server shud give in the handshake ( both the SubCA and server
> certifcates or only server certificate o
Hi
i have some confusion regarding the CAfile and CApath for
SSL_CTX_load_verify_locations()
if we have scenerio where root CA gives certificates to SubCA which in turn
gives certifcates to our server.
what all the server shud give in the handshake ( both the SubCA and server
certifcates or onl
On Mon, Nov 11, 2002 at 06:17:41PM -0800, David Schwartz wrote:
> The application uses a bio pairs approach, using OpenSSL just as a data
> pump. OpenSSL itself does not touch any sockets. Three bios are used, the
> SSLbio is used to pass cleartext to and get cleartext from the SSL
> connection
29 matches
Mail list logo