Re: How to build a 64-bit FIPS-capable OpenSSL on Windows from the latest snapshots?

2011-10-28 Thread Bill Durant
> What is the procedure for building a 64-bit FIPS-capable OpenSSL on >>>> Windows from the following latest snapshots: >>>> >>>>ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz >>>> >>>>

FIPS validation and TLS 1.2

2011-10-28 Thread Bin Lu
Hi there, Could somebody confirm if the OpenSSL FIPS validation includes TLS 1.2? My check of the FIPS module code (openssl-fips-2.0-test-20111028.tar.gz) shows it is not. Please confirm. And what is the plan to include it if it is not currently? Thanks, -binlu

Re: How to build a 64-bit FIPS-capable OpenSSL on Windows from the latest snapshots?

2011-10-28 Thread Dr. Stephen Henson
>> Windows from the following latest snapshots: > >> > >>ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz > >> > >>ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111028.tar.gz > >> > >> I get t

Re: strong TLS connections

2011-10-28 Thread Eric S. Eberhard
Kristen, Your points are all good. However, I have found the compatibility not good with customer installed versions versus my own. One of the problems, for example, could be that openssl compiles with a certain type of threads, not the same as your application. Same with semaphores and wh

Re: How to build a 64-bit FIPS-capable OpenSSL on Windows from the latest snapshots?

2011-10-28 Thread Bill Durant
.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz >> >> ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111028.tar.gz >> >> I get the following compilation error: >> >> "Cannot open include file: 'ope

Re: How to build a 64-bit FIPS-capable OpenSSL on Windows from the latest snapshots?

2011-10-28 Thread Dr. Stephen Henson
On Fri, Oct 28, 2011, Bill Durant wrote: > Hello, > > What is the procedure for building a 64-bit FIPS-capable OpenSSL on Windows > from the following latest snapshots: > > ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz > >

How to build a 64-bit FIPS-capable OpenSSL on Windows from the latest snapshots?

2011-10-28 Thread Bill Durant
Hello, What is the procedure for building a 64-bit FIPS-capable OpenSSL on Windows from the following latest snapshots: ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111028.tar.gz

Re: strong TLS connections

2011-10-28 Thread Kristen J. Webb
On 10/28/11 12:39 PM, Eric S. Eberhard wrote: I have an easy solution I use because not only do you have the problem with admins not having the library installed, you have the problem of them having the wrong version installed for something they need. Your app or theirs won't work. Or yours wil

Re: strong TLS connections

2011-10-28 Thread Eric S. Eberhard
I have an easy solution I use because not only do you have the problem with admins not having the library installed, you have the problem of them having the wrong version installed for something they need. Your app or theirs won't work. Or yours will, and they update openssl and it no longer

Re: strong TLS connections

2011-10-28 Thread Kristen J. Webb
After all my wrangling, I'm leaning towards just using client certs. Is it a reasonable assumption that on UNIX'es these days I can expect to find libssl.so AND the openssl command line? If not, is it reasonable to assume that A sysadmin will install openssl to get my app to work? Otherwise, it

Re: writing an SSH server

2011-10-28 Thread Eric S. Eberhard
Thank you! That is great info for me if I ever need SSH (meaning SSL with the protocol). It may also help the original person as he may be able to solve his problem using inetd and openssh ... which is easy and reliable and works great if you have remotely reasonable traffic. Also, way less

Re: writing an SSH server

2011-10-28 Thread David Durham
On Fri, Oct 28, 2011 at 12:26 PM, David Durham wrote: > > I'm just sending the message to cout.  If you can point me to > information on outputting the full OpenSSL error stack, I'd appreciate > it. replied too soon, looks like this is what I want: ERR_print_errors(sbio); -Dave

Re: writing an SSH server

2011-10-28 Thread David Durham
On Thu, Oct 27, 2011 at 4:55 PM, Dave Thompson wrote: > If you just want confidentiality with truly no authentication, > SSL/TLS (and OpenSSL) can do that with the anonymous-DH and > anonymous-ECDH suites. I assume you understand and accept the > vulnerabilities you are creating by not authenticat

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-10-28 Thread Jakob Bohm
Simple, really: You have not set the "private" part of the private key (d, p, q, dmp1, dmq1, iqmp). You need to export the private key from CryptoAPI too, and convert that blob, not the public key blob. Alternatively, I have heard rumors of a "CryptoAPI engine" plug in for OpenSSL which wi

Re: writing an SSH server

2011-10-28 Thread Jakob Bohm
On 10/28/2011 2:08 AM, Eric S. Eberhard wrote: I end up using SSL because, weirdly, credit card companies and shipping companies (I do business software), and so forth, all use SSL -- almost always HTTPS -- and I don't have a call for a protocol. It would be REALLY cool if you could make a wra

Re: SSL session ID vs session ticket

2011-10-28 Thread Dr. Stephen Henson
On Thu, Oct 27, 2011, Matthias Meixner wrote: > > Hello! > > it looks like my original EMail has been truncated, therefore, my main > questions > were missing. > > I had already found option SSL_OP_NO_TICKET but I have some questions > regarding > SSL session tickets for which I have not f

Using certificate and private key from Windows cert store with OpenSSL

2011-10-28 Thread Andrejs Štrumfs
Hi! I am trying to make a program that uses some Web Services in Delphi XE. To connect to the Web Services, I have to use a self-signed (hope this is the correct term) certificate, which is stored in the Windows cert store. So, I open the cert store with CertOpenSystemStore, get cert with CertFindCertif

AW: SSL session ID vs session ticket

2011-10-28 Thread Matthias Meixner
Hello! it looks like my original EMail has been truncated, therefore, my main questions were missing. I had already found option SSL_OP_NO_TICKET but I have some questions regarding SSL session tickets for which I have not found an answer yet: Is it OK to simply disable them or does this

Does OpenSSL look into the Windows Certificate Store?

2011-10-28 Thread Michael Ludwig
Does OpenSSL look into the Windows Certificate Store? This is what I'm wondering here: Windows / Perl / Net::SSLeay / OpenSSL: What locations are CA certificates loaded from? http://stackoverflow.com/q/7662213/269126 If any one of you can take a look and maybe even answer the question, I would c

1.0.1-final release time frame

2011-10-28 Thread Zack Weinberg
Is there a time frame for the final release of openssl 1.0.1 yet? I need the GCM support, and I'd hate to have to ask people to install a snapshot in order to build my program. Thanks, zw