Re: client authentication and tokens.

2010-03-19 Thread John R Pierce
Peter Gubis wrote: On 13. 3. 2010 0:37, John R Pierce wrote: our security auditors yanked the token out, and the client continues to work, .. you'll probably need to listen for token removal event and destroy this ssl session after that. It is working for us in this way. Session should be r

Re: need help on: openssl pkcs12 --- avoid or manipulate propmpts

2010-03-19 Thread Mounir IDRASSI
Hi John, To avoid the password prompt, you can add the argument "-password pass:" to the command line. This will use an empty password for the PKCS12 file. For a non empty value, for example 1234, use "-password pass:1234" instead. I hope this will help. Cheers, -- Mounir IDRASSI IDRIX http://www

Re: client authentication and tokens.

2010-03-19 Thread Peter Gubis
On 13. 3. 2010 0:37, John R Pierce wrote: > we have a client-server application pair (ok, the server side is > tomcat), the client is using an Aladdin eToken w/ openssl and > engine_pkcs11 and aladdin's driver. thats all fine and working now. > the client application has long running persistenc

RE: Google Chrome certificate idiosyncrasies?

2010-03-19 Thread Paul Suhler
I haven't seen that, but I have seen Chrome (on MacOS 10.5.8) complain about the validity of certificates that don't bother Firefox. Paul ___ Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office: 949.856.7748 | paul.suh...@quantum.com

Google Chrome certificate idiosyncrasies?

2010-03-19 Thread Lou Picciano
Fellow OpenSSL-ers, We're beginning to look at an apparent discrepancy in the way Google Chrome (OS X) handles certificates. Though Chrome seems to use the same OS X-standard keychain application used by Safari, we are finding that Chrome reports the dreaded 'Handshake Re-negotiation' er

need help on: openssl pkcs12 --- avoid or manipulate propmpts

2010-03-19 Thread John Chen
Hi, Is anyone run through the same issue I have, please help me out. When I run openssl pkcs12 -in new.crt -inkey new.key -certfile . It will prompt user for: Enter Export Password: Verifying - Enter Export Password: Is anyway I can manipulate or default or void those two prompts since I don

RE: openssl0.9.8l on Netware 6.5 - problems

2010-03-19 Thread Raghuveer, Nithin (BIO-DP)
Hi, Thanks for the reply. I tried m version, but it gives the same problem. I am building for Netware 6.5 on Windows XP with Watcom 11/Codewarrior/gcc for windows. The error: C:\openssl-0.9.8m>make -f netware\nlm_libc.mak -D MAKESTARTUP=t11 make: netware\nlm_libc.mak: line 421: Warning -- Dupl