Can SSL certs be used within openssh?

2003-04-03 Thread Jason Haar
Is that possible? Now that we have a nice internal PKI running, I'd like to exploit it as much as possible. Is there any way an SSL cert could be used within openssh? So that if you tell openssh to use /home/jhaar/.my-cert.pem, then it'll use that instead of the .ssh/id_rsa* or .ssh/id_dss* files...

Re: Hard-coded trusted CA-cert

2003-04-03 Thread rajagopalan ramanujam
hi Henson, Thanks for the suggestion. I tried the following code: unsigned char CA_cert[811]={ 0x30,0x82,0x03,0x27,0x30,0x82.}; /* load our CA cert into the certificate chain */ c = CA_cert; x = d2i_X509(NULL,&c,(long) sizeof(CA_cert)); if( x == NULL ){ goto end; } cert_st

Does Internet Explorer Support Smart Card?

2003-04-03 Thread Mark Liu
I am working on a CA project, in which I have Internet Explorer generate the RSA public/private key pair and send it to the CA for a client certificate. This way, the private key stays somewhere with the local computer. And thus I assume that the certificate is confined to this computer. Well, I

Re: 2 questions

2003-04-03 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Thu, 3 Apr 2003 15:22:55 -0600, "Matthew Fleming" <[EMAIL PROTECTED]> said: mgf> 1. I have read Rescorla's book and am now reading "Network Security with OpenSSL" by Viega et al. The latter stresses the importance of registering callbacks for mult

Re: 2 questions

2003-04-03 Thread Rich Salz
My question is, do I need to register these callbacks even if my own code will always call the openssl functions from a single thread of execution? no. My question is, what "cleanup stuff" do I need to call to free up resources claimed by SSL_library_init()? Look at the last dozen or so lines of m

2 questions

2003-04-03 Thread Matthew Fleming
OpenSSL masters, I have two questions. 1. I have read Rescorla's book and am now reading "Network Security with OpenSSL" by Viega et al. The latter stresses the importance of registering callbacks for multithreading support. It seems to imply that all openssl library users should do this. But Res

engine -pre commands for openssl applications

2003-04-03 Thread Victor Tarasov
Hi, is there any possibility to run engine-pre-commands, when using openssl command-line applications (genrsa, smime, verify, ...), please? For example, I would like to supply user PIN code when using pkcs11 engine which talks to the smart card. Thank you in advance, Victor.

Re: seeding the PRNG on Windows

2003-04-03 Thread Ajay
Thanks Charles I'll try this one Ajay. - Original Message - From: "CHARLES CHEBLI" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 03, 2003 6:05 PM Subject: Re: seeding the PRNG on Windows > Hi > You can use egads that is free and you can download it from > http://

Re: seeding the PRNG on Windows

2003-04-03 Thread CHARLES CHEBLI
Hi You can use egads that is free and you can download it from http://www.securesw.com/egads/ An example of seeding the PRNG of OpenSSL with EGADS is the following: int seed_prng(int bytes) { int error; char *buf; prngctx_t ctx; egads_init(&ctx, NULL, NULL, &error); if(error)

Correct way to get BIO data

2003-04-03 Thread Hellan.Kim KHE
Simple question: What is the "correct" way of getting the bytes in a BIO? Should I use BIO_get_mem_data(), BIO_read() or something else maybe. An example is a BIO containing encrypted data. Here I want to: - Get the needed size for my buffer - Copy the bytes to my "unsigned char" buffer Med venl

little problem with certification

2003-04-03 Thread Florian Effenberger
Hi there, I'm quite new to SSL, and I'm trying to create SSL certificates for internal use only. So far, I installed the default Debian package and did the following: GENERATION OF ROOT CERTIFICATE openssl req -new > ca.csr -keyout ca.pem openssl rsa -in ca.pem -out ca.key openssl x509 -in ca.c

seeding the PRNG on Windows

2003-04-03 Thread Ajay
Hello All, I am new to OpenSSL programming and needed some advice. Could someone tell me, what is the usual way of seeding the PRNG in OpenSSL. I am developing my server application for Windows platform. Hence I wanted to know the general practice which everyone is following for Windows since ther