> As far as I see in msdn, the code
>
> 0x800b010f
>
> seems to indicate that the common name in the server cert is not
> identical to the hostname
>
>
> I'd recommen to have something like the folloiung in your config file
> for your server
>
> extensions = x509v3
> [ x509v3 ]
> subjectAl
Do you mean the book
Network Security with OpenSSL
Cryptography for Secure Communications
By John Viega,
Matt Messier,
Pravir Chandra
June 2002
ISBN: 0-596-00270-X
or is there another SSL book by O'Reilly?
"Network Security with OpenSSL"
is NOT an optional read if you work with t
ok. You get the CDP from the certificate, load the CRL from the CDP, verify the CRL
against the root cert. to verify that the signature matches, it has not expired, etc.
, then see if the cert's number is in the CRL. Check out the book 'OpenSSL' by
O'Reilly. It walks you through all that, or
Jon Bendtsen wrote:
i can verify a certificate against a root certificate, with
openssl verify -CAfile root.ca rsacert.pem
but how do i know that the certificate i try to verify has not been
revoked?
At the risk of seeming to oversimply a VERY complicated issue:
1. You have been downloading Ce
Hi all !
I must encapsulate OpenSSL to make a simple SSL API. Have you some
propositions to do ?
I think to propose few functions like :
- Init(peer_type) /* client or server */
- Configure(arg, value) /*
port, address, SSL version ...*/
- Read()
- Write()
- Close()
-
Den 21. sep 2004, kl. 15:43, skrev Lee Baydush:
You can't tell if it has been revoked. That's why they are 'trusted
roots'. If you think your root ca has been compromised, that is when
you usually hit the big red panic button and shut down the shop.
no no, it's not the root ca that has been rev
You can't tell if it has been revoked. That's why they are 'trusted roots'. If you
think your root ca has been compromised, that is when you usually hit the big red
panic button and shut down the shop.
-Original Message-
From: Jon Bendtsen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, Septe
i can verify a certificate against a root certificate, with
openssl verify -CAfile root.ca rsacert.pem
but how do i know that the certificate i try to verify has not been
revoked?
JonB
__
OpenSSL Project
How do I portably generate a random salt within a C program for use in
PKCS#5 v2.0 key derivation?
I find that just calling RAND_bytes() works OK on Win32 using 0.9.6 and
later, but not with 0.9.5. I can fix it by calling RAND_screen()
first. Is this OK? Do I also need to call RAND_screen()
The servername and srp authentication are supported by
http://www.edelweb.fr/EdelKey/
> I am interested in adding extensions support for tls protocol. It seems
> that OpenSSL does not support it yet. So, if anyone has done something
> on this, can I join in and offer some efforts?
___
Hi,
I want to get profiling information about my applications, but if my
application contain openssl functions, then I cannot get profiling
information. The gprof (software for profile applications) get 0
miliseconds for all functions that I have made and they use openssl
functions.
I use g++, but
11 matches
Mail list logo