Hi,
I recently tried to refactor the TLS related code of my server
application and wanted to use a SSL-BIO instead of performing all
SSL-read/-write-operations by hand. As cipher suite I use
ADH-AES256-SHA, because no authentication of the peers is needed and a
man-in-the-middle-attack is highly
HI,
what would error OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start
line mean ?
Aarno
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
On Tue, Mar 29, 2011 at 10:15:04AM +0200, Aarno Syv?nen wrote:
HI,
what would error OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start
line mean ?
A PEM file was expected, but the input was not a PEM file, specifically,
it had no -BEGIN ...- line.
--
Viktor.
Hi,
I have read this thread: Best way to convert a DER-encoded DN?
http://www.mail-archive.com/openssl-users@openssl.org/msg37207.html, and I
wanted to ask if someone knows what is the best method to do the reverse
operation, respectively the encoding of a LDAP human readable string
Probably missing something simple, but I'm having a tough time
validating the CA chain for a certificate. There is a second
certificate, seemingly signed by the same CA which does validate.
I'm not sure how useful this tool is, but it seems to indicate both
certs were signed by the same CA.
David Coulson da...@davidcoulson.net writes:
[...]
OpenSSL has other ideas. First one validates fine, second one does
not. I can't for the life of me figure out what the difference is.
Any ideas?
Add the -showcerts option to the s_client commands and you'll see the
first server returns a
On 3/29/11 12:58 PM, Bruce Stephens wrote:
Add the -showcerts option to the s_client commands and you'll see the
first server returns a chain of certificates where the second offers
only the end server certificate.
Okay, I see that - Makes sense. When I hit the hostname w/ Firefox I'm
able to
I have a postgres server running in SSL, and set up the self-signed
certificates and key on this box as well. I need to install these
certificates on a client Java box's (actually running ColdFusion 8)
keystore. Out of postgresql.crt, root.crt and postresql.key, which files do
I store? And do
David Coulson da...@davidcoulson.net writes:
On 3/29/11 12:58 PM, Bruce Stephens wrote:
Add the -showcerts option to the s_client commands and you'll see the
first server returns a chain of certificates where the second offers
only the end server certificate.
Okay, I see that - Makes sense.
David,
We've had to do this a couple of times for a handful of our Java developer
clients - as I recall, we googled our way to the solution pretty easily...
But, from the wording of your message, it sound like you may be conflating a
couple of different things.
The certificate and key
I've found plenty of google results but I am having a disconnect with the
install. My server has it's own server.crt, server.key and root.crt files.
My desktop (which I connect successfully to) has postgresql.crt,
postgresql.key and the same root.crt, which I used to securely connect via
pgAdmin
From: owner-openssl-us...@openssl.org On Behalf Of David Patricola
Sent: Tuesday, 29 March, 2011 15:26
I've found plenty of google results but I am having a disconnect
with the install. My server has it's own server.crt, server.key and
root.crt files. My desktop (which
From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
Sent: Sunday, 27 March, 2011 18:17
When my program run DH_check, it generate an error: segmentation
fault.
Here is the code :
dh = PEM_read_DHparams(fp, NULL, NULL, NULL); // it 's OK, here dh
!= NULL
From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
Sent: Monday, 28 March, 2011 11:02
I'd like to know how to retrieve RSA parameters and keys from
SSL_CTX.
I 'd like to put them into RSA *rsa structure in order to sign buffered
data ...
1: You do know that all data
14 matches
Mail list logo