Know Extended Key Usage

HI, How can I know the Extended Key Usage parameters of a remote SSL enabled site using OpenSSL ? Thanks, Akash

Re: We'll be at LinuxConf next week

Hi Rich! Will the record of the session be available? On Wed, Oct 8, 2014 at 6:35 AM, Salz, Rich rs...@akamai.com wrote: Most of the OpenSSL development team will be at LinuxConf in Dusseldorf next week. We’ll have some kind of BoF or public session. But feel free to also look for me (and

Re: Know Extended Key Usage

Hi, Akash... On 10/08/2014 01:40 AM, Akash Jain wrote: HI, How can I know the Extended Key Usage parameters of a remote SSL enabled site using OpenSSL ? Does this help: https://www.madboa.com/geek/openssl/#cert-retrieve You could modify the one script there to something like: #!/bin/sh

Re: Know Extended Key Usage

Thanks Lewis ! I also used - openssl s_client -showcerts -connect google.com:443 /dev/null | openssl x509 -outform PEM | openssl x509 -noout -text | grep -A1 X509v3 Extended Key Usage On Tue, Oct 7, 2014 at 11:40 PM, Lewis Rosenthal lgrosent...@2rosenthals.com wrote: Hi, Akash... On

RE: We'll be at LinuxConf next week

Will the record of the session be available? The public session? We haven’t made any plans to do so. If anyone wants to take notes, sure. We're going to be spending almost all of the three days in internal WG meetings. We have a big agenda. There will definitely be updates coming out of

RE: Certificate chain

Different string types in the issuer/subject fields seems to have been the issue. I have set both to UTF-8 and they match perfectly in the certification path dialogue of the browser now. Thanks! -Original Message- From: owner-openssl-us...@openssl.org

Re: Know Extended Key Usage

I think you can safely omit the middle openssl command. On 08/10/2014 09:28, Akash Jain wrote: Thanks Lewis ! I also used - openssl s_client -showcerts -connect google.com:443 http://google.com:443 /dev/null | openssl x509 -outform PEM | openssl x509 -noout -text | grep -A1 X509v3 Extended

Re: We'll be at LinuxConf next week

Hello Rich, Could you send a notification when you find out it more exactly? Thank you! On Wed, Oct 8, 2014 at 3:26 PM, Salz, Rich rs...@akamai.com wrote: So is any form of remote participance available? I have no idea. Never been to linuxconf before, don't know what they have. We're not

RE: We'll be at LinuxConf next week

Could you send a notification when you find out it more exactly? Of course, that's the point! :) -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz :��IϮ��r�m (Z+�K�+1���x��h[�z�(Z+���f�y���f���h��)z{,���

Re: Know Extended Key Usage

Hi, all... Actually, Jakob, I think it's the second one (the first one after the pipe) which can come out, i.e.: openssl s_client -showcerts -connect google.com:443 \ /dev/null | openssl x509 -noout -text | grep -A1 X509v3 Extended Key Usage which seems to produce a little less noise, but

Re: Know Extended Key Usage

Yep, middle of 3 openssl commands in the pipeline... On 08/10/2014 16:56, Lewis Rosenthal wrote: Hi, all... Actually, Jakob, I think it's the second one (the first one after the pipe) which can come out, i.e.: openssl s_client -showcerts -connect google.com:443 \ /dev/null | openssl x509

Format of sig in EVP_SignFinal for DSA keys

I can't find any documentation as the exact format of sig produced by EVP_SignFinal when using a DSA key. It's 71 bytes, but 71 bytes of what? thanks Grahame -- - http://www.healthintersections.com.au / grah...@healthintersections.com.au / +61 411 867 065

Re: Format of sig in EVP_SignFinal for DSA keys

On 6 Oct 2014, at 2:11 PM, Grahame Grieve wrote: I can't find any documentation as the exact format of sig produced by EVP_SignFinal when using a DSA key. It's 71 bytes, but 71 bytes of what? Just guessing here, but there are two formats I've seen for (EC)DSA signatures. One of them is an