Re: users auth. in XP for HTTPS

2011-08-30 Thread Jakob Bohm
On 8/30/2011 3:29 AM, Dave Thompson wrote: ... That sounds like the keyUsage bit dataEncipherment, and OpenSSL CA can set it. But SSL never *does* dataEncipherment using a certificate/key, so this bit should not be needed or make any difference. Small correction: SSL/TLS never does

Re: [openssl-users] Re: users auth. in XP for HTTPS

2011-08-30 Thread Erwann ABALEA
Hodie III Kal. Sep. MMXI, Jakob Bohm scripsit: On 8/30/2011 3:29 AM, Dave Thompson wrote: ... That sounds like the keyUsage bit dataEncipherment, and OpenSSL CA can set it. But SSL never *does* dataEncipherment using a certificate/key, so this bit should not be needed or make any difference.

Re: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread yyy
What exactly are you trying to do? None of ciphersuites specified in second list, meets the requirements specified in first list. (Only second ciphersuite uses ECDSA Au, it also is the only one, not using any variant of DES or RC4) There exists ECDHE-ECDSA ciphersuites using RC4, but these are not

Re: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread 櫻井英明
Hello. Sorry for confusing you. My exact purpose is to make CA signatures for the following ciphersuites: EDH-RSA-DES-CBC3-SHA ECDHE-ECDSA-AES256-SHA RC4-MD5 EXP-DES-CBS-SHA. I think my question was confusing because I did not understand what command to use. Please do not care what command that I

RE: hi

2011-08-30 Thread Shashidhar RP
Hi Gayatri, Can you tell me what is the cmd to disconnect from the SSL session. The problem is as follows: 1) while disconnecting SSL session, in ssl_writepending() there we get an exception because we are de-referencing a null pointer. 2) when we see the code we found that the

openssl.org web site certificate renewed

2011-08-30 Thread Lutz Jaenicke
Hi! I have just installed a new 3 year wildcard *.openssl.org certificate to our web site. Thanks to GlobalSign for the new donation. The migration should work more or less unnoted for the users. If you experience any problems please drop me a message. Best regards, Lutz

Re: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread yyy
Generally ANY CA signature works with ANY ciphersuite. They are not related at all. You mean: Make a CA, which can sign a certificate, which can be used with these all ciphersuites? In that case any signature method can be used. (ECDSA and RSA ciphersuites will not work with one certificate, but CA

Re: [openssl-dev] openssl.org web site certificate renewed

2011-08-30 Thread Erwann ABALEA
Bonjour, Hodie III Kal. Sep. MMXI, Lutz Jaenicke scripsit: I have just installed a new 3 year wildcard *.openssl.org certificate to our web site. Thanks to GlobalSign for the new donation. The migration should work more or less unnoted for the users. If you experience any problems please

Re: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread 櫻井英明
Hello. Thanks for good advice. I would like to know which command that I need to use to make ECDSA key. or how to make And I would like to know which command that I need to use dh. I'm so sorry but would you show me the process about following? EDH-RSA-DES-CBC3-SHA ECDHE-ECDSA-AES256-SHA

Req with ECDSA key and CA with RSA key

2011-08-30 Thread Rick Lopes de Souza
Maybe it's a simple question, but I want to know if there is any problem that I have a request using an ECDSA key with SHA-256 and I want to issue a certificate where the CA uses RSA with SHA 1. In some tests, an ECDSA with sha1 and a CA with RSA with sha1 it was success. But with ECDSA sha256 it

Re: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread yyy
ECDSA keys can be made by: openssl ecparam -genkey -name "name_of_curve" -out eckey.pem where "name_of_curve" is name of named curve, list of available curves is at: openssl ecparam -list_curves That genkey will generate private key. (probably it is possible to generate new curves, but I do not know

Re: [openssl-dev] openssl.org web site certificate renewed

2011-08-30 Thread Jakob Bohm
On 8/30/2011 2:42 PM, Erwann ABALEA wrote: Bonjour, Hodie III Kal. Sep. MMXI, Lutz Jaenicke scripsit: I have just installed a new 3 year wildcard *.openssl.org certificate to our web site. Thanks to GlobalSign for the new donation. The migration should work more or less unnoted for the users.

RE: users auth. in XP for HTTPS

2011-08-30 Thread Jean Brico
I've found a solution. It seems to be a problem about crl. I've created a crl.crl file, and have installed in XP and 2003 Server (in MMC Certificates - Local computer, in Autorités intermédiaires \ Liste de révocation de certificats - I prefer give here the real name in French, and not to

Re: Req with ECDSA key and CA with RSA key

2011-08-30 Thread Rick Lopes de Souza
Actually my question continues but a resume of another question is: Another question is: Is there any problem to use a different kind of key on the request that the Certificate Authority has? Does Openssl support ecdsa with sha256 and sha512? Only above of 1.0.0 ? On Tue, Aug 30, 2011 at 11:40

RE: How to make ca signaturer when I use dh or rc4 etc.

2011-08-30 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Sent: Monday, 29 August, 2011 07:57 Hello I try to make ca signature about following case. 1. Kx=DH, ECDH 2. Au=ECDSA 3. Enc=DES(56),3DES(168),RC4(40), rc4(128) This doesn't make sense.

RE: [openssl-users] Re: users auth. in XP for HTTPS

2011-08-30 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Erwann ABALEA Sent: Tuesday, 30 August, 2011 04:39 To: openssl-users@openssl.org Subject: Re: [openssl-users] Re: users auth. in XP for HTTPS Hodie III Kal. Sep. MMXI, Jakob Bohm scripsit: On 8/30/2011 3:29 AM, Dave Thompson wrote: ...

How to upgrade openssl from 0.9.7a to 1.0.0d

2011-08-30 Thread Hanumantharao Madala
Hi All, How to upgrade openssl software in Linux server. I mean, I just want to upgrade the current version 0.9.7a to 1.0.0d latest one? What is the procedure, I suppose to follow to implement it in Linux environment.., if anything goes wrong, how to revert back to old version? Any