>From reading the code, it appears that OpenSSL is perfectly
happy to have BIOs statically allocated. For instance,
BIO bio;
if(!BIO_set(&bio,BIO_s_socket())) {
ERR_print_errors_fp(stderr);
return 0;
}
BIO_set_fd(&bio, fd, 0);
appears effectively equivalent to dy
ray v wrote:
Ok I figured it out, doh!
Here's part of my openssl command
openssl x509 -req -days $days -in $csrfile -extfile
extfile -extensions extend
I use -extfile and -extensions
Here's my extfile
extensions = extend
[ extend ]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth
nsCer
ray v wrote:
Let me see if I understand what your saying?
I need to generate another CA certificate the has only
ssl client set yes?
This does not make sense especially if you read the
extension section in the openssl.cnf file [ usr_cert ]
which specifies that upon signing you can change the
purpos
Ok I figured it out, doh!
Here's part of my openssl command
openssl x509 -req -days $days -in $csrfile -extfile
extfile -extensions extend
I use -extfile and -extensions
Here's my extfile
extensions = extend
[ extend ]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth
nsCertType = cl
Let me see if I understand what your saying?
I need to generate another CA certificate the has only
ssl client set yes?
This does not make sense especially if you read the
extension section in the openssl.cnf file [ usr_cert ]
which specifies that upon signing you can change the
purpose of the ce
ray v wrote:
Hi Michael,
Thanks for responding.
My problem is a little more involved then that. I'm
the CA, err using openssl can creating a CA
certificate using the v3_ca extension. I have quite a
number of certificate being used by our servers.
Recently we wanted to start generating user
certific
ray v wrote:
Hi Michael,
Thanks for responding.
My problem is a little more involved then that. I'm
the CA, err using openssl can creating a CA
certificate using the v3_ca extension. I have quite a
number of certificate being used by our servers.
Recently we wanted to start generating user
certific
Hi Michael,
Thanks for responding.
My problem is a little more involved then that. I'm
the CA, err using openssl can creating a CA
certificate using the v3_ca extension. I have quite a
number of certificate being used by our servers.
Recently we wanted to start generating user
certificates but we
ray v wrote:
Hello all!
I'm looking for ways to turn off and on features in
the "Certificate purposes" are of a certificate. I've
read over extfile and extension plus looked at
basicContraints.
I'm unclear by the documentation written for openssl,
x509, ca, etc., just how to do this. Can someone
Hello,
I have been trying to get the Apache XML Security (Xsec) library test
program working. It relies on the Openssl libcrypto library for the
encryption capabilities. The company that I work for already has the
openssl 0.9.7d distribution, and uses it to build and use a static
library for li
Hello all!
I'm looking for ways to turn off and on features in
the "Certificate purposes" are of a certificate. I've
read over extfile and extension plus looked at
basicContraints.
I'm unclear by the documentation written for openssl,
x509, ca, etc., just how to do this. Can someone
please point
Hi,
when it comes to signing eg mails with openssl exactly the content
(plaintext or binary block) happens to be signed.
In case of attachments only the attached content is signed and in
turn candidate for transmission. The metadata, especially the
filename gets lost.
What if you want (or need) som
Hello all,
1.
When we enable fips in our configure option,will only the FIPS supported
algorithms like (aes, des, dh, dsa, rsa, sha1) get added to crypto library
or
whether all
ciphers get added to the crypto
library.?
2. If the answer to
questi
In message <[EMAIL PROTECTED]> on Tue, 22 Feb 2005 14:11:28 +0100, [EMAIL
PROTECTED] said:
epommate> Hi,
epommate>
epommate> I made a compilation of OpenSSL 0.9.7e on OS/2 Warp and its work.
epommate>
epommate> I encountered a small problem during compilation, there was
epommate> an error in th
Hi,
I made a compilation of OpenSSL 0.9.7e on OS/2 Warp and its work.
I encountered a small problem during compilation, there was
an error in the file crypto/rand/rand_egd.c:
On line 139, "struct sockaddr_un" was undefined.
So, I replaced in the code the following lines :
==
# ifdef
15 matches
Mail list logo