"bad record mac" error

2003-05-27 Thread Haihong Wang
Recently I found that SSL-enabled server using openssl (version 0.9.6j) can not talk correctly to Netscape browser (and IE). I am using stunnel v4.04 as SSL server to accept https requests from client browsers, but client browsers always complain of "bad message authentication". The stunnel log

Re: BN_mod_exp with negative exponents

2003-05-27 Thread OpenSSL greg
- Original Message - From: "Andrew Berg" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 29, 2003 7:06 PM Subject: BN_mod_exp with negative exponents > > I ran into a situation today that was not what I expected, and not what I > consider to be "right". > > Calling BN_mo

Re: Cannot generate Certificate!! HELP !!!!!

2003-05-27 Thread Marcus Carey
Sebastian Use their public key to encrypt the data. When they receive the data they will use the same key to decrypt the data. So all you need is their private key. Marcus - Original Message - From: "Sebastian Muñiz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: "Marcus Carey" <[EM

Re: Confused Newbie

2003-05-27 Thread Charles B Cranston
Given the information in http://us4.php.net/manual/en/function.curl-setopt.php My best guess is: CURLOPT_CAPATH for the root certificate CURLOPT_SSLCERTfor the client certificate CURLOPT_SSLCERTPASSWD for what? the private key? Are both the certificate and private key

openssl smime

2003-05-27 Thread Paul Falbe
If I create a signed message as follows openssl smime -sign -in msg.txt -CAfile CAcert.pem -signer UserCert.pem -inkey PrivateKey.pem -passin pass:pass -text -out msg.txt.signed and verify via openssl smime -verify -CAfile CACert.pem -inkey privateKeyAndCerts.pem -signer UserCert.pem -in msg.

Re: Confused Newbie

2003-05-27 Thread Charles B Cranston
More on php/curl That php curl man page points to a curl page, which says the ssl document is online. When I go there it says: = http://curl.haxx.se/docs/sslcerts.html ... If the remote server uses a self-signed certificate, or if you don't install curl's CA cert bundle or if it uses a cer

Re: i2d_DSA... and d2i_DSA

2003-05-27 Thread Dr. Stephen Henson
On Tue, May 27, 2003, Torsten Reuss wrote: > Hi, > > as the i2d_DSA... and d2i_DSA functions are documented a bit vaguely, I am > stuck trying to get them to work. I'd appreciate if somebody could tell me > what is wrong at the code below: > Read the FAQ. Steve. -- Dr Stephen N. Henson. Core d

RE: Cannot generate Certificate!! HELP !!!!!

2003-05-27 Thread Sebastian Muñiz
First of all thank you for the help But i have a few questions about this ... In the scenario that i mentioed earlier, both sides (A and B) should have 3 files (private key, x509 public cert and ANOTHER FILE) but i don't understand which one is this third file i mean, i generate my priv