Hi there:
Ok, then in my case $PREFIX is it_root_ca.crt (PKI public cert) and
$CAPREFIX it_root_ca.key (PKI private key) .
but here's what I get :
[pkiitr...@localhost ~/New_IT_ROOT_CA/pki/ca]
$ openssl x509 -set_serial 01 -clrext -extfile openssl.cnf -days 3650
-CA it_root_ca.key -CAkey
I have an ASCII text file with a chain of certificates. I had earlier
sent a CSR and got these certificates back from the CA.
When I opened the ASCII file I see some text before and after ---BEGIN
CERTIFICATE-- and --END CERTIFICATE--
I removed this test because they were file names like
What is the link between the existing key's alias and the alias used
while importing the CA-root and sub-root certificates ?
The CA-root and sub-root certificates have been imported with new
aliases. The old alias throws an error.
Thanks,
Mohan
On Thu, Aug 27, 2009 at 2:35 PM, Mohan
Not it does not look like I need OpenSSL. The following Java command
could import the entire chain.
keytool -import -alias visaftpsflux -file visacertificateedited.cer
-trustcacerts -keystore FSSNABMAPSVISA.jks -storepass password
Further testing is required.
Mohan
On Thu, Aug 27, 2009 at
Hey
I'm using the BIO abstraction for reading/writing to sockets - a small
part of the BIO_read method is unclear: For a blocking socket, will the
BIO_read call block until the length provided in the call is filled in
the buffer, or will it return as soon as it managed to read anything
I am using FIPS object module 1.2 and openssl 0.9.8j on windows. I built fips
capable openssl static libraries using these two distributions according to
security policy.
Call to FIPS_mode_set(1) is failing if I link my application with this
static library. Upon further debugging I found that
Hello,
Going through various posts, I have come across references to Bodo Moeller's
example code showing SSL communication without certificates and using
anonymous DH key exchange. If anybody has that sample, can you please
forward it ?
I have written a client and server taking help from the
Le 26/08/2009 22:16, Patrick Patterson a écrit :
Hi there:
Ok, then in my case $PREFIX is it_root_ca.crt (PKI public cert) and
$CAPREFIX it_root_ca.key (PKI private key) .
but here's what I get :
[pkiitr...@localhost ~/New_IT_ROOT_CA/pki/ca]
$ openssl x509 -set_serial 01 -clrext -extfile
Things are getting clearer as I dig deeper. The book Network Security with
OpenSSL by John Viega et al has some explanation of how the DH key exchange
takes place.
With that knowledge, I went through the source code and found that
DH_Compute_Key() is being called in s3_clnt.c and s3_srvr.c. So
On Thu, Aug 27, 2009 at 2:24 PM, Laura
Arhirelaura.arh...@endion-software.com wrote:
Hey
I'm using the BIO abstraction for reading/writing to sockets - a small part
of the BIO_read method is unclear: For a blocking socket, will the BIO_read
call block until the length provided in the call is
Dear all:
I measure my cpu's performance with openssl speed
below are the output:
# openssl speed rsa
Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
signverify
loody wrote:
Dear all:
I measure my cpu's performance with openssl speed
below are the output:
# openssl speed rsa
Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
Hi:
thanks for your help.
2009/8/28 David Schwartz dav...@webmaster.com:
loody wrote:
Dear all:
I measure my cpu's performance with openssl speed
below are the output:
# openssl speed rsa
Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
available timing options:
Is OpenSSL secures both data and control channel. Could yo please let
me know where I can find some reference documents for this.
Any help would be appreciated.
Thanks,
Salini
__
OpenSSL Project
14 matches
Mail list logo