Hi,
I just wrote a brief how-to detailing how to fix this (common?) problem:
http://wejn.org/how-to-upload-certificate-to-DRAC4.html
Hope it helps.
-- M.S.
Amyangshu wrote:
>
> Can anyone help me with the process to sign the Dell Remote Access
> Controller (DRAC4) CSR correctly using OpenSS
Has anyone seen this behavior? Any help would be appreciated.
Thanks in advance,
Regards
Ashith
-Original Message-
From: Belliappa, Ashith Muddiana (HP Software)
Sent: Wednesday, October 17, 2007 11:37 AM
To: 'openssl-users@openssl.org'
Subject: RE: Signature verification fails with
Sorry for not aksing my question clearly!
I'm using following code to make an ocsp revocation check:
OCSP_request_add0_id(req, id);
if(!OCSP_parse_url(ocsp_url, &host, &port, &path, &use_ssl)){
// error
}
cbio = BIO_new_connect(host);
if(!cbio){
// error
}
BIO_set_conn_port(cbio, port);
if(
> > "Is it possible to extend the expiry of this certificate
> > without changing any other fields in the certificate?"
> >
> > to which it seems that the answer is
> >
> > "Yes",
>
> How could the answer be anything other than yes?
All too easily. Because as you ourself point out, such a change
This was a certificate authority certificate. As such, the renewal
has to have
the same key and DN as the original in order to continue being a CA
for previously signed certificates.
Jim
On Oct 17, 2007, at 5:54 PM, David Schwartz wrote:
It seems to me that the OP is indeed asking somet
> It seems to me that the OP is indeed asking something else entirely
> different from the question which you yourself seem to have posed and
> then immediately failed to answer. He's asking
>
> "Is it possible to extend the expiry of this certificate without
> changing any other fields in the ce
On Wed, Oct 17, 2007 at 09:49:15PM +0100, G.W. Haywood wrote:
> "Is it possible to extend the expiry of this certificate without
> changing any other fields in the certificate?"
>
> to which it seems that the answer is
>
> "Yes",
Actually it is "no", because the certificate needs a new signatur
Yes. Thats what I was trying to ask. So, how can I change the expiry date of
an existing certificate without changing any other field ? Is there any
openssl command that I may use ?
On 10/17/07, G.W. Haywood <[EMAIL PROTECTED]> wrote:
>
> Hi there,
>
> On Wed, 17 Oct 2007, David Schwartz wrote:
>
[EMAIL PROTECTED] wrote:
I've a problem. I need to cypher a buffer of bytes with pkcs7 format but
I can't use certificates,i need encrypt using only a key or password.
I have searched but I do not find anything to do it.
Read the syntax for PKCS#7:
ftp://ftp.rsasecurity.com/pub/pkcs
Hi there,
On Wed, 17 Oct 2007, David Schwartz wrote:
> The OP wrote:
>
> > I have a private CA certificate created using openssl command line.
> > The issue is that the certificate expires on 19th Oct, 2007.
> > The question is that "Is it possible to extend the expiry of this
> > certificate wit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] schrieb:
> Hello all!!
Hello Lidia,
> I've a problem. I need to cypher a buffer of bytes with pkcs7 format but
> I can't use certificates,i need encrypt using only a key or password.
Are you really sure PKCS#7 supports encrypting of
> I have a private CA certificate created using openssl command line.
> The issue is that the certificate expires on 19th Oct, 2007.
> The question is that "Is it possible to extend the expiry of this
> certificate without changing any other fields in the certificate?"
> Basically, I want to conti
Thanks, much.
- Dennis
Wolfgang Riedel wrote:
Hi Dennis,
you want (maybe)
-BEGIN CERTIFICATE-
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X
On Wed, Oct 17, 2007 at 12:43:03PM -0700, Jim Fox wrote:
>
> >I have a private CA certificate created using openssl command line. The
> >issue is that the certificate expires on 19th Oct, 2007. The question is
> >that "Is it possible to extend the expiry of this certificate without
> >changing an
The stack trace showing a null sha1 transform kindof caught my attention
here, I wouldnt go by the the GDB call trace coz its obviously a memory
leak and the gdb stack could have been corrupted, many a times I see 0x0
in the frames but when you actually try to print the ctx address it would
be
I have a private CA certificate created using openssl command line. The
issue is that the certificate expires on 19th Oct, 2007. The question is
that "Is it possible to extend the expiry of this certificate without
changing any other fields in the certificate?" Basically, I want to continue
usin
Hi,
I have a private CA certificate created using openssl command line. The
issue is that the certificate expires on 19th Oct, 2007. The question is
that "Is it possible to extend the expiry of this certificate without
changing any other fields in the certificate?" Basically, I want to continue
usi
Hi,
I have a private CA certificate created using openssl command line. The
issue is that the certificate expires on 19th Oct, 2007. The question is
that "Is it possible to extend the expiry of this certificate without
changing any other fields in the certificate?" Basically, I want to continue
usi
Hello There,
I am trying to read the following RSA private key using Openssl
command line RSA
utility but having no success; This key was generated using another non-Openssl
library(SSLeay
based). I am attaching below a snapshot of the error I get with RSA command
line tool and a
hex
> Even reducing the thread stack size didn't help.
> I observe that the thread creation as such is not
> a problem. I create about 1000 threads , delay in
> each thread the SSL_connect for about 10 sec.
> Once the delay expires and each client make connections
> to the server the seg fault occurs.
Christian Wiesbauer wrote:
> I want to know if an ocsp revocation check works with openssl if I'm using a
> proxy?
OCSP isn't HTTP so what kind of proxy do you mean?
__
OpenSSL Project http://www.o
Thank you
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Wednesday, October 17, 2007 11:17 AM
To: openssl-users@openssl.org
Subject: Re: Question about IP
OpenSSL shouldn't care at all about the client's IP address. If your
applicat
Hi,
I searched for this function on net and got lot of threads, but couldn't
solve my problem. My problem is as follows..
I have generated a RSA key using OenSSL and stored it in a PEM file. When i
try to read it using above function , the structure returned to me by
PEM_read_PrivateKey is NULL(
OpenSSL shouldn't care at all about the client's IP address. If your
application server is providing cache services to OpenSSL, then that
might cause issues if it breaks the server-defined caching rules.
-Kyle H
On 10/17/07, Jurden, James <[EMAIL PROTECTED]> wrote:
>
>
> I configured OpenSSL wit
I configured OpenSSL with our application server, but it seems when I
connect my lpatop the next day the connection fails. It seems that my IP
address changes because of dhcp, but the server does not seem to care.
If I restart the server, I can then connect my client. Does OpenSSL
somehow cacvhe my
2007/10/17, [EMAIL PROTECTED] <[EMAIL PROTECTED]
>:
>
> Hello all!!
>
> I've a problem. I need to cypher a buffer of bytes with pkcs7 format
> but I can't use certificates,i need encrypt using only a key or
> password.
>
> I have searched but I do not find anything to do it.
>
> I work with c, and
Hi,
I want to know if an ocsp revocation check works with openssl if I'm using a
proxy?
Thanks,
Christian Wiesbauer
Even reducing the thread stack size didn't help. I observe that the thread
creation as such is not a problem. I create about 1000 threads , delay in
each thread the SSL_connect for about 10 sec.
Once the delay expires and each client make connections to the server the
seg fault occurs.
Regards,
Pr
Hi,
I have written my own aes decrypt 256 function and I found something
strange. When I use my function and AES_decrypt I have the same results. But
when I use the whole openssl (I use wget with openssl support) I see that I
receive different results.
I suppose that there are some key changes
Hello all!!
I've a problem. I need to cypher a buffer of bytes with pkcs7 format
but I can't use certificates,i need encrypt using only a key or
password.
I have searched but I do not find anything to do it.
I work with c, and the function PKCS7_encrypt() needs
certificates...There is so
Hi Dennis,
you want (maybe)
-BEGIN CERTIFICATE-
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA
31 matches
Mail list logo
