Hi,
I have a SSL enabled client application.
The client connects to the server with which it shares no common ciphers.
When 200 or more simultaneous connections are made the application crashes.
The backtrace indicates double free or corruption (!prev) in CRYPTO_free().
However when there is a co
Hey,
I am using SSL_get_verify_result() to check the verification result. In
addition to the normal checks, I want to do the followings:
1) I want to accept certificates even if it's expired. However, I
can't simply ignore the errors X509_V_ERR_CERT_NOT_YET_VALID and
X509_V_ERR_CE
Hi,
I'm looking for a config file option that will force openssl to use
an engine's load key functions when accessing key files, like the
"-keyform engine" option offered by the openssl command. Does such an
option exist?
Thanks,
Kent
--
Kent Yoder
IBM LTC Security Dev.
__
It's hard to state that a communications channel is "secure" without
defining what it means to be "secure". TLS takes a three-pronged
approach. (For a more in-depth discussion on what the cryptographic
community has determined as being "secure" as applied to a
communications channel, Schn