Thanks for all your help Kyle, I've ran your tests and I'm now fairly
sure it's not the certificates, it's something weird to do with gSOAP.
I'm off to their user group to whine instead!
Again, thanks for providing so much assistance, I've guessing you've
saved me days of trawling through websites
Thanks,I did a build with openssl-0.9.8-stable-SNAP-20060209 and the no-zlib option. I still find the same problem.I'll investigate some of the other suggestions now.Michael
On 2/8/06, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
Dr. Henson:May I direct your attention to the thread e
Hello,
Is anyone aware of a method for using PKI certificates for authentication
with PHP..?
All suggestions are appreciated...!
Thomas
__
OpenSSL Project http://www.openssl.org
User Support Mai
Hello,
If the privkey and cacert have to be hard-coded in the image (by using
#define), how can I tell SSL to look into these constants for the key and cert
instead of the default directory? Which SSL routine I need to change to let SSL
know the new location of the key and certificate?
All su
On Thu, Feb 09, 2006, Kiefer, Sascha wrote:
> No, that did not work.
> See the first mail for the error.
>
In the "Configure" script try commenting out the line:
$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin");
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
Open
Looked better (now ./config copied the .h files and so on) but still
error's:
$ make
making all in crypto...
make[1]: Entering directory `/d/Eigene
Dateien/Downloads/openssl-0.9.8a/crypto'
( echo "#ifndef MK1MF_BUILD"; \
echo ' /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \
ech
On Thu, Feb 09, 2006, Kiefer, Sascha wrote:
> Looked better (now ./config copied the .h files and so on) but still
> error's:
>
> $ make
> making all in crypto...
> make[1]: Entering directory `/d/Eigene
> Dateien/Downloads/openssl-0.9.8a/crypto'
> ( echo "#ifndef MK1MF_BUILD"; \
> echo ' /* aut
Hello,
our mailserver daemons (exim, dovecot, courier-imap) are limited to one
key/cert configuration per instance. But for certain reason, we need the
same service to be accessable be two different ip-addresses/domain names
each with its own certs.
What I'm trying to do is the following:
s
I have code which successfully signs
and verifies documents on Redhat9, but
fails on Solaris 8. Specifically, the failure
is reported in DSA_verify(). Errors strings
are as follows:
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
wrong tag
error:0D07803A:asn1 encoding routines:A
On Thursday 09 February 2006 21:13, Marten Lehmann wrote:
> Is this possible with openssl? I don't know how to do it. The problem
> is, that the work isn't done by simply tunneling the data to
> server-a.com, because then the client would get a certificate-doesn't
> -match-with-domain-error. server
Yes.
Actually, I think Apache has FakeBasic Auth built in. I don't like it
because it seems easy to spoof. In my work, I ask the client for the
certificate with the line in the configuration file
SSLVerifyClient optional_no_ca
which gives me the certificate in $_SERVER["SSL_CLIENT_CERT"] an
On Thu, Feb 09, 2006, Bob Mearns wrote:
>
> genkeys() {
> DSA *dsa;
> unsigned char encodedPubKey[MAX];
> int pubLen, genstat;
> dsa = DSA_generate_parameters(...);
> /* error check*/
> genStat = DSA_generate_key(dsa);
> /* error check */
> pubLen =
BTW: This was reported earlier based on a merged copy of 0.9.7i and
0.9.7d+os400 mods. Since then, I have performed the same test with
clean copy of 0.9.7i and got the same error. I also tried the same test
with a clean copy of 0.9.8a and got the same error.
I am compiling openssl-0.9.7i on S
grace:
i believe what your are trying to do is what i did a few days ago. here is how
you do it:
1. obtain the private key and certificate in "pem" format, e.g., by using the
following openssl command:
$ openssl genrsa -out key.pem 1024
$ openssl req -new -key key.pem -out request.pem
$ openss
On Thu, Feb 09, 2006, Xie Grace Jingru-LJX001 wrote:
>
> If the privkey and cacert have to be hard-coded in the image (by using
> #define), how can I tell SSL to look into these constants for the key and
> cert instead of the default directory? Which SSL routine I need to change to
> let SSL know
forget one thing, after you have the private key (of type EVP_PKEY) and
certificate (of type X509, you use:
SSL_CTX_use_certificate(ctx,cert) and SSL_CTX_use_PrivateKey(ctx, pkey)
to read them into your ssl context.
-Original Message-
From: Chong Peng
Sent: Thursday, February 09, 2006
Well, it was a configuration issue. Since we are running Solaris 5.9
and 5.8 on Ultra 60 boxes, and 5.9 works, I used the options from
solaris64-sparcv9-gcc for solaris64-sparcv8-gcc. Except for the asm
reference (which we don't use) they are the same. Why the old values
worked with 0.9.7d, is
17 matches
Mail list logo
