Re: RSA public/private keys only work when created programatically.

2011-02-17 Thread Mounir IDRASSI
Hi, Your command line that creates the public key is missing the -pubout switch that tells the rsa utility to output a public key. So, this command should look like: openssl rsa -in rsaprivatekey.pem -out rsapublickey.pem -pubout. Without it, it will just output the private key as is.

RSA public/private keys only work when created programatically.

2011-02-17 Thread David Henry
I've written a bare bones enveloping example that takes a string, seals it in an envelope, and then goes about opening it. Everything works just fine if I generate my RSA keys programmatically. Unfortunately, it does not work if I encrypt the session keys with an RSA public key that was created on t

Re: ssh FIPS dsa key authentication issue

2011-02-17 Thread Dr. Stephen Henson
On Thu, Feb 17, 2011, Hai-May Chao wrote:
> Using the EVP_Signxxx API to perform a FIPS mode DSA key sign will
> generate a signature with ASN.1 format (fips_dsa_sign.c). Therefore,
> the signature size is no longer 40 bytes (rlen = 20 plus slen = 20)
> but 48 bytes with padding and ASN.1 overhead

ssh FIPS dsa key authentication issue

2011-02-17 Thread Hai-May Chao
Using the EVP_Signxxx API to perform a FIPS mode DSA key sign will generate a signature with ASN.1 format (fips_dsa_sign.c). Therefore, the signature size is no longer 40 bytes (rlen = 20 plus slen = 20) but 48 bytes with padding and ASN.1 overhead (rlen = 20, rpad = 1, slen = 20, spad = 1, SEQUEN

PRNG not seeded error when running make tests on TRU64 (AKA DEC Unix) -- Yes, I did read the FAQ.

2011-02-17 Thread Johnson, Wayne
First off, yes, I did read the FAQ. I am trying to build 9.8.0r on an old Dec Unix (aka tru64 Alpha) machine, specifically OSF1 V4.0. I'm getting the PRNG not seeded error when running the tests. Yes, I did read the FAQ. Now this machine is pretty old, and AFAIK, has no random device. I did

AW: Adding non-root certificates to the list of trusted certificates?

2011-02-17 Thread Matthias Meixner
> -Original Message- > From: Eisenacher, Patrick > > > Matthias, search the archives for a thread named 'Terminate chain at > intermediate certificate'. Stephan's post that Mounir cites, is from last > year's 11th November. > Thanks for this information, I will see how far I get. -

cmake and openssl

2011-02-17 Thread Aro RANAIVONDRAMBOLA
Hello, I am a novice in build systems. I use cmake. I have to indicate to cmake where it can find the openssl library. 1) Which library do I have to include? In /lib/ directory, there is /lib/libssl.so.0.9.8 , in /lib/usr/ directory there are : /usr/lib/libssl.so /usr/lib/libssl.so.0.9.8 /usr/lib/libssl

RE: [FWD] Intermediate certificate chain not included when exporting as pkcs12

2011-02-17 Thread Eisenacher, Patrick
> -Original Message- > From: Lutz Jaenicke > > Forwarded to openssl-users for discussion. > > Best regards, > Lutz > - Forwarded message from Alexander Mills - > > From: Alexander Mills > > Recently I was tasked with using a .crt and .key used in Apache for > use with Apache

Shared library problem ?- Solaris - nonstandard ssl folder

2011-02-17 Thread Serge Kolodeznyh
Hello all. I'm trying to build openssl 1.0.0 (c/d) on Solaris 10 u8 (x86/64bit). I compiled it in 64-bit mode and with key -openssldir=/usr/local/ssl64 Make is ok and make test/install is ok. But, when I'm checking links for shared libraries, I see that link to libcrypto isn't found: # ldd lib

Re: Problem with multiple level CA

2011-02-17 Thread Tanya Lozovaya
Federico, thanks for the quick answer. I'm still not sure if it is necessary to install ROOT CA on all users computers. I generated user certificate with such commands: openssl req -newkey rsa:1024 -keyout user.key -config openssl.cnf -out user.req openssl ca -config openssl.cnf -out user.crt -infiles

Re: [FWD] Intermediate certificate chain not included when exporting as pkcs12

2011-02-17 Thread Martin Boßlet
I had this problem, too. A workaround that does the trick for me is to
- encode the key and any certificate you'd like to export to the .p12 as PEM
- Paste the PEM key and all the PEM certificates into one single file (let's assume all.pem)
- then issue the following command: openssl pkcs12 -expo

R: Problem with multiple level CA

2011-02-17 Thread Federico Berton
Yes, regardless of the OS because it needs to know that you approve that your home-made ROOT CA is credible. FEDERICO BERTON DEVELOPMENT DEPARTMENT Via Europa, 20 35015 Galliera Veneta (PD) TEL. 049.9988200 FAX 049.9471337 http://www.trivenet.it -Original Message- From: owner-openssl-us...@op

[FWD] Intermediate certificate chain not included when exporting as pkcs12

2011-02-17 Thread Lutz Jaenicke
Forwarded to openssl-users for discussion. Best regards, Lutz - Forwarded message from Alexander Mills - From: Alexander Mills To: r...@openssl.org Subject: Intermediate certificate chain not included when exporting as pkcs12 Date: Thu, 17 Feb 2011 09:15:37 + Recently I was

Re: Link errors when building openssl 0.9.8e on Mac OS

2011-02-17 Thread cosai
I am also having the same problem. Nobody has replied???

Re: Problem with multiple level CA

2011-02-17 Thread Tanya Lozovaya
No, should I? If I'm going to generate user keys-certificates that will be signed by SIGNING CA certificate, should I force all users to install ROOT CA as trusted certificate? On Thu, Feb 17, 2011 at 11:08 AM, Federico Berton wrote: > Have you added the ROOTCA certificate in the trusted root cer

R: Problem with multiple level CA

2011-02-17 Thread Federico Berton
Have you added the ROOTCA certificate in the trusted root certificate? FEDERICO BERTON DEVELOPMENT DEPARTMENT Via Europa, 20 35015 Galliera Veneta (PD) TEL. 049.9988200 FAX 049.9471337 http://www.trivenet.it -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@op

Re: Problem with multiple level CA

2011-02-17 Thread Tanya Lozovaya
I tried to open crt file on different computers and I got different errors: on Windows 7: The issuer of this certificate could not be found. on Windows 2003: This certificate has an nonvalid digital signature. Does anybody know how I can make the computers "think" that self-signed "ROOT CA" cert