Re: fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build

On Fri, Jul 27, 2012, Cassie Helms wrote: Dr. Stephen Henson steve@... writes: Integrity test started ERROR:2D06B06F:lib=45,func=107,reason=111:file=fips.c:line=229 Integrity test Failed Incorrectly!! Well that error indicates the fingerprint error. The

Re: RSA PRIVATE KEY, CERTIFICATE REQUEST, and CERTIFICATE

On 7/28/12, Rita Rex Smith ritarexsm...@gmail.com wrote: I am just getting started trying to figure out how to set up an SSL certificate and key with PayPal to use for encrypted payments on my website. I am totally confused as to what I need to upload to them and how to figure out if it is

Client cert, unverified in Firefox BUT trusted in Chrome

I have almost succeeded in creating a client SSL factory with a local CA starting with a StartSSL free server certificate. I just created a client cert. and imported it into my Chrome and Firefox browsers. Chrome shows the cert. as trusted (implied because it doesn't show it as untrusted as it

OpenSSL 1.0.0g-fips download link.

Hi, Could someone please point me to the link where I can download OpenSSL-1.0.0g-fips? On http://www.openssl.org/source/, I see only OpenSSL-1.0.0g. To get '-fips' do I need to apply any patch? -- Thanks, Nilesh __ OpenSSL

OpenSSl v1.0.1c and Apache httpd v2.2.22

Hi, I am trying to use openssl v1.0.1c or 1.0.0j with Apache v.2.2.22 but failed. I can use v1.0.0g no problem. It failed at configure phase of Apache. I posted error message in the Apache mailing list twice but no answer. I am not sure this mailing list can help me or not. Thanks. #

Re: OpenSSL 1.0.0g-fips download link.

On Sat, Jul 28, 2012, Tayade, Nilesh wrote: Hi, Could someone please point me to the link where I can download OpenSSL-1.0.0g-fips? On http://www.openssl.org/source/, I see only OpenSSL-1.0.0g. To get '-fips' do I need to apply any patch? There has never been an official 1.0.0*-fips

strange results after setting utf8 -subj in openssl ca command

My application uses X.509 certificates with commonName field set to following format: number#UserName, for example 12345#JohnSmith Everything is ok when UserName is in ascii, but when I sign new certificates using this command, for example: openssl ca -config ca_config.txt  -subj

Re: OpenSSl v1.0.1c and Apache httpd v2.2.22

On Fri, Jul 27, 2012 at 3:03 PM, Ruiyuan Jiang rji...@fnpc.com wrote: Hi, I am trying to use openssl v1.0.1c or 1openssl v1.0.1c.0.0j with Apache v.2.2.22 but failed. I can use v1.0.0g no problem. It I get a good configure with openssl v1.0.1c and apache v2.4.2. I have not tried 2.2. Any

Re: create certificate request programmatically using OpenSSL API

On Fri, Jul 27, 2012 at 9:00 AM, Abyss Lingvo xidex...@yahoo.com wrote: Hi all! The last problem is how to create GOST key pair for certificate. It is clear how to create RSA keys. Sample is here : http://www.openssl.org/docs/crypto/EVP_PKEY_keygen.html #include openssl/evp.h #include

RE: OpenSSL 1.0.0g-fips download link.

-Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl- us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Sunday, July 29, 2012 12:02 AM To: openssl-users@openssl.org Subject: Re: OpenSSL 1.0.0g-fips download link. On Sat, Jul 28, 2012, Tayade,

Re: Padding check failed and program crash with SIGABRT.

On Sat, Jul 28, 2012 at 6:12 PM, Tayade, Nilesh nilesh.tay...@netscout.com wrote: Hi, I have developed the utility to decrypt the packets coming on wire. I take the server private key and go on decrypting packets which are received through the .pcap file. But the utility is crashing in

Re: client server management of client SSL certificates

Good questions and similar to what is on my mind. Please let me know if you get any good answers to these questions. From: Ted Byers Sent: Saturday, July 28, 2012 12:15 PM To: openssl-users@openssl.org Subject: client server management of client SSL certificates I am familiar with basic