On Mon, Jul 13, 2009, Akos Vandra wrote:
> Hello!
>
> How can I invoke openssl s_server and s_client so that they communicate in
> TLSv1.2 mode? I can see options only for -tls1, but I am currently
> studying&analizing&implementing tls1.2, so I would need them to communicate
> with that protocol.
> > I would use the public-key fingerprint, unless the trust chain
> > is verified
> > from a fixed set of trusted issuers.
> Did you mean fingerprints instead of caching certs or instead of
> issuer/serial?
>
> xw
Instead of anything else. Simply bind the username to the public-key
fingerprint.
Hello.
On 2009-07-13 14:59:48, Victor Duchovni wrote:
> > > If you accept client certificates issued by foreign (not controlled by
> > > you) CAs, you would have to find a way to map between certificate and
> > > user.
> > > Here would be a mepping from issuer name / serial number of the client
>
On Mon, Jul 13, 2009 at 06:01:02PM +0100, openssl-us...@coreland.ath.cx wrote:
> Hello.
>
> On 2009-07-13 12:15:21, Goetz Babin-Ebell wrote:
> > Do you also control client certificate generation ?
> >
> > With that you could configure the server to only accept client
> > certificates issued by y
Hello!
How can I invoke openssl s_server and s_client so that they communicate in
TLSv1.2 mode? I can see options only for -tls1, but I am currently
studying&analizing&implementing tls1.2, so I would need them to communicate
with that protocol.
Regards,
Vandra Ákos
Hi, i am developing a secure email application whereby the email sent to the
receiver is encrypted using PHP openssl_public_encrypt(). The problem is i
could not decrypt the message back to the original message using
openssl_private_decrypt().
Questions:
1. What is the encoding format for the
Hello.
On 2009-07-13 12:15:21, Goetz Babin-Ebell wrote:
> Do you also control client certificate generation ?
>
> With that you could configure the server to only accept client
> certificates issued by your own CA and set the user name in the client
> certificates subject name.
>
> This way you
On Mon, Jul 13, 2009, Chris Bare wrote:
> I'm trying to log the exact data I am sending to the server by doing this:
>
> if (!i2d_CMS_bio_stream (server, cms, mem, flags))
> // error
> BIO_reset(mem);
> if (!i2d_CMS_bio_stream (logfile, cms, mem, flags))
>
I'm trying to log the exact data I am sending to the server by doing this:
if (!i2d_CMS_bio_stream (server, cms, mem, flags))
// error
BIO_reset(mem);
if (!i2d_CMS_bio_stream (logfile, cms, mem, flags))
// err
I get no error for the second c
Hello all,
I'm new to this list and I'm trying to create a certificate, but that
fails.
I did the following:
1) openssl genrsa -out rui.key 1024
2) openssl req -new -x509 -key rui.key -out rui.pem -days 1095 -config
"c:\Program Files\GnuWin32\share\openssl.cnf"
And then :
openssl pkcs12 -expo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
openssl-us...@coreland.ath.cx wrote:
| Hello.
Hello xw,
| I'm considering writing a server program (which provides mostly
| hypothetical services, for the purpose of this discussion). The server
| requires users to register an account on the server b
11 matches
Mail list logo