Hello All,
I noticed in trying to build OpenSSL 1.0.0l that, Configure doesn't accept the
fips and --with-fipsdir= arguments. But, the OpenSSl 1.0.1f and OpenSSL 0.9.8y
accepts the same.
Does that mean that the OpenSSL 1.0.0l wont support fips mode ? is the branch
OpenSSL 1.0.0 still under
i get this error when verifing a non-self signed certificate. how do i make
it not point to the rootCA
On 1/8/2014 10:42 AM, Abdul Anshad wrote:
Hello All,
I noticed in trying to build OpenSSL 1.0.0l that, Configure doesn't
accept the fips and --with-fipsdir= arguments. But, the OpenSSl 1.0.1f
and OpenSSL 0.9.8y accepts the same.
Does that mean that the OpenSSL 1.0.0l wont support fips mode ?
Given that Mr. Walton's initial description was wrong, and the
official Changelog is silent on the matter, what is *actually*
new in 1.0.1f and 1.0.0l compared to 1.0.1e and 1.0.0k?
On 1/6/2014 3:49 PM, OpenSSL wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1f
On 08.01.2014 15:32, Yvonne Wambui wrote:
i get this error when verifing a non-self signed certificate. how do i make
it not point to the rootCA
It makes no sense to verify a non-self signed certificate without the
rootCA certificate. To verify such a certificate you have to provide the
On 01/08/2014 12:09 PM, Jakob Bohm wrote:
...
OpenSSL 0.9.8 can be used with the (old) OpenSSL FIPS module 1.0, by (as
one of many steps) compiling OpenSSL 0.9.8 --with-fipsdir=
Minor nit: OpenSSL FIPS Object Module v1.2(.x) goes with OpenSSL 0.9.8(x).
-Steve M.
--
Steve Marquess
OpenSSL
Jakob Bohm wrote:
On 1/7/2014 12:17 AM, Biondo, Brandon A. wrote:
I am using ‘ca’ not ‘x509’. It too ignores/discards extensions. Turning
on copy_extensions solved the issue though, thanks. I have some
follow-up questions:
1.If including SANs in CSRs is non-standard, what is the accepted way
On Wed, Jan 08, 2014, Jakob Bohm wrote:
Given that Mr. Walton's initial description was wrong, and the
official Changelog is silent on the matter, what is *actually*
new in 1.0.1f and 1.0.0l compared to 1.0.1e and 1.0.0k?
On 1/6/2014 3:49 PM, OpenSSL wrote:
-BEGIN PGP SIGNED
While I have not specifically checked the Windows 8 SDK, my extensive
experience with the version detection APIs in Windows tells me the
following:
1. GetVersion() is the only version-detection API available on older
platform versions. Later platform versions added variants of
Hello All,
If I have a Linux CLIENT machine running with openssl 0.9.8r establishing
HTTPS sessions with a Linux SERVER running openssl 1.0.1e
Is there any problems I should anticipate? In other words, should those two
versions of openssl be able to play nicely with each other
On 8 Jan 2014, at 12:14 PM, Hasan, Rezaul (NSN - US/Arlington Heights) wrote:
If I have a Linux CLIENT machine running with openssl 0.9.8r
establishing HTTPS sessions with a Linux SERVER running openssl 1.0.1e
Is there any problems I should anticipate? In other words, should
Hi,
I have a piece of code doing CRL revocation check which worked fine with 0.9.8
but now failing in 1.0.1.
The code does something like:
X509_STORE_add_crl(store,crl);
X509_STORE_CTX_init(ctx, store, cert, NULL);
Ctx-check_revocation(ctx);
In openssl lib
Hello All,
I have a set up in which i have installed OpenSSL-1.0.0l and httpd-2.4.7.
httpd-2.4.7 was compiled against OpenSSL-1.0.1e.
Now, when i try to start httpd-2.4.7 with mod_ssl enabled ( OpenSSL
installed version is 1.0.0l ) it throws the following error.
Cannot load
[1] GetVersionEx may be altered or unavailable for releases after
Windows 8.1. Instead, use the Version Helper APIs.
I thinks use 'Version Information Functions'[2] is the better choice.
[1]
http://msdn.microsoft.com/en-us/library/windows/desktop/ms724451%28v=vs.85%29.aspx
[2]
thanks martin, your response shade some light and i can now understand what
im doing. Im trying to create a two way ssl connection, the problem when
verifying the connection to the server, its using my RootCA instead of the
server, hence throwing verification error 19. would you please advise on
15 matches
Mail list logo