Thanks for the help all!
As far as I can tell you can not use the certificate
snap-in to create a certificate request for a
third-party CA. If you try it will fail claiming that
it can not contact the CA server.
If you install the CA management tool and then try to
make a request the certificate
Ray,
I've enabled LDAPS on AD before, but only using MS Certificate Services
configured as an Enterprise CA, so I haven't tried this myself, but
here's an article that might be useful:
http://support.microsoft.com/?id=321051
Jim
___
Hi,
In fact your ldap server is running TLS (everything can be seen with ldapsearch
in debug mode).
the problem comes from ldap using SASL mechanism. As i'm not expert in this, as
can just suggest you to have a look at SASL documentation. There is some sort
of authentication before the real SSL/
Agreed: Both are excellent and essential.
use the man pages in www.openssl.org/docs also. There are many specifics
there that you'll need to know eventually.
I found I had to dig into the openssl source to work through some nasty
problems (not OpenSSL problems, programmer airheadedness), s
Ragnar Paulson wrote:
I'm looking for a pointer to more documentation of how to use the openssl API,
I don't really want to read the source or learn the internals. I have found
the following two references:
SSL and TLS: Designing and Building Secure Systems by Eric Rescorla
Network Security wi
A very important adjunct to step 4 is getting the
private key associated with the certificate into
the server. If step 1 is done ON THE SERVER
COMPUTER and it is not reinitialized in the meantime
etc etc then in step 4 the association between the
certificate and key should be recognized. However,
Hello All,
I am trying to use ubsec hw accelerator with openssl and I get a DMA Error from the UBSEC when I try to run the function "ubsec_mod_exp". Any idea ? I am running this on a VXWORKS platform.
Any help is appreciated.
Thank you,
Prashant.
Do you Yahoo!?
Yahoo! Mail - Find what
Thanks for you input Rafeeq
Ok so maybe I should clearify the situation a bit
more. I have the official openssl O'Reilly book so I
didn't really need help using the openssl command
line. I have an on going and viable CA and have been
issueing certificate for authentication for sometime
now.
My
On Tue, Mar 01, 2005, Kumar, Sunil wrote:
> Hi,
>
> Instead of concatenating all CA files in one big file, or specify the CA
> path and put in
> hash names as file names is it possible to add the CA files one by one
> into the system?
>
> What I am aiming at is, to ease the configuration to th
Hi,
I'm curious about SSLs behavior over a SOCKS connection. I would
assume that it would function fine, but that the SSL client certificate
passed would contain the inner ip address of the network behind the
SOCKS proxy. Is there anyway to setup an SSL connection in a way so
that the server
Hi,
Instead of concatenating
all CA files in one big file, or specify the CA path and put
in
hash names as file names is
it possible to add the CA files one by one into the system?
What I am aiming at is, to
ease the configuration to the user. User doesn't want to
find out the hash valu
> That's one problem although Netscape Cert Type is largely obsolete some
> clients use it.
>
> The other problem is:
>
> X509v3 Key Usage: critical
> Key Encipherment, Data Encipherment, Key Agreement
>
> "Key Agreement" makes no sense for an RSA certificate since
On Mon, Feb 28, 2005, ohaya wrote:
>
> >
> > The certificate you have might not be certified for client authentication or
> > the root CA might not be trusted for client authentication.
> >
> > See what happens when you do:
> >
> > openssl x509 -in clcert.pem -text -noout
> >
> > Steve.
>
>
.Who has enough time, "no patience" and is inquisitive and irritated
enough to work "backwards" on symmetric encryption algorithms
Please unicast your replies.
-thanks
Alok
__
OpenSSL Project
Hans Moser schrieb das Folgende am 25.02.2005 13:51:
[EMAIL PROTECTED] schrieb das Folgende am 24.02.2005 20:16:
I think your ldap server is NOT running TLS.
Here is my ldapsearch debug output, including
"TLS trace: SSL_connect:SSLv3 read server certificate A":
[EMAIL PROTECTED]:/ldap> bin/ldapsear
15 matches
Mail list logo
