Thanks Dominique. I guess the openssl verify does these steps to actually
verify if an incoming server certificate compares to a root certificate.
Regards
Geetha
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dominique Lohez
Sent: Wednesday, July 09, 20
HI Jan,
Coudl you please send me the UserGuide_1.2 , i cannt find it on the openssl
website , could you please send it to me
Thanx a lot.
On 7/9/08, Jan F. Schnellbaecher <[EMAIL PROTECTED]> wrote:
>
> Hello list,
>
> I am unsure how OpenSSL FIPS 1.2 can be deployed. I read that it can be
> link
l.org/snapshot/openssl-0.9.8-stable-SNAP-20080709.tar.gz
and build shared libraries using that.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openss
l.org/snapshot/openssl-0.9.8-stable-SNAP-20080709.tar.gz
and build shared libraries using that.
signature.asc
Description: OpenPGP digital signature
was submitted for testing.
Subsequent validations will address this issue.
However... the validated source is only needed to build fipscanister.o and
none of those warnings affect that.
So you can use a new FIPS capable OpenSSL and link it against the test 1.2
module.
For example download:
ftp
openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
__ Información de NOD32, revisión 3253 (20080709) __
Este mensaje ha sido analizado con NOD32 antivirus system
http://www.nod32.com
Diffie-Hellman are susceptible to man-in-the
Hi Stephen,
I have downloaded ftp://ftp.openssl.org/snapshot/openssl-fips-test-1.2.0.tar.gz,
extracted it and:
./config fipscanisterbuild
make
make install
and then
make clean
./config fips shared no-idea no-mdc2
--with-fipslibdir=/usr/local/ssl/fips-1.0/lib
make depend
make
The libraries
The signature checkingwork like this
The SIGNER ( CA or SERVER ) build a digest with an appropriate
algorithm
then he encrypt the digest with its private key
Within the certificate you know the digest algorithm so you can build
this digest
and then you decrypt thi sdsignature wit
Does OpenSSL support DHE PSK? Are there any issues with using DHE
pre-shared keys?
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Aut
My apologies if this is a simple question. I'm fairly new to writing C and
even newer at working with OpenSSL.
I'm trying to take metrics for comparing OpenSSL on an OpenSPARC machine
with and without use of the PKCS11 engine. The code below is an attempt to
time how long it takes to open
On Wed, Jul 09, 2008, Jan F. Schnellbaecher wrote:
> Hello Stephen,
>
> thanks for your very quick reply.
>
>>> 1) Can it be linked dynamically?
>>>
>> Yes it can.
>>> 2) If I would like to link it dynamically when/where do I link the
>>> fipscanister.o?
>>>
>> You build and install fipscanister.
Hello Stephen,
thanks for your very quick reply.
1) Can it be linked dynamically?
Yes it can.
2) If I would like to link it dynamically when/where do I link the
fipscanister.o?
You build and install fipscanister.o from the FIPS 1.2 test source.
Then obtain the 0.9.8-fips source with
On Wed, Jul 09, 2008, Jan F. Schnellbaecher wrote:
> Hello list,
>
> I am unsure how OpenSSL FIPS 1.2 can be deployed. I read that it can be
> linked static but also loaded dynamically, but I also read that it can only
> be linked static (as FIPS 1.1.2)
Well it can't be deployed at all yet beca
Hello list,
I am unsure how OpenSSL FIPS 1.2 can be deployed. I read that it can be linked
static but also loaded dynamically, but I also read that it can only be linked
static (as FIPS 1.1.2)
1) Can it be linked dynamically?
2) If I would like to link it dynamically when/where do I link the
I have read numerous certification related docs. Being new to this technology I
don't find any material detailing the manual certificate validation [even the
faq on the same heading ] specially verifying key part. I also went through
verify.c in openssl but key verification is lost amongst the
1) See openssl-0.9.8g/apps/ocsp
2) See also http://www.openssl.org/docs/apps/ocsp.html#
Best regards,
Abderrahmane,
--- En date de : Jeu 10.7.08, Sergio Yébenes Moreno <[EMAIL PROTECTED]> a
écrit :
De: Sergio Yébenes Moreno <[EMAIL PROTECTED]>
Objet: ocsp from C program
À: openssl-users@o
Hi,
I have a X509 *client-cert and I need to make an ocsp request from a C
program. I can`t use C functions like system()...etc. I can't find what
function do this in openssl doc. Can anybody help me?
Thanks
__
OpenSSL Projec
I have read numerous certification related docs. Being new to this
technology I don't find any material detailing the manual certificate
validation [even the faq on the same heading ] specially verifying key
part. I also went through verify.c in openssl but key verification is
lost amongst the API
18 matches
Mail list logo