Hi all,
I work on a consumer application which is striving to be fips-140-2
compliant.
I'm using OpenSSL as recommended in the fips guide by invoking
fips_mode_set(). However, in certain parts of the same application, I'm
using my own non-OpenSSL random number generator to generate salts for
>> Scenario 1 - Failing case
>>
>> SSL_CTX_use_certificate_file() : Loaded cert_file
>> SSL_CTX_use_certificate_chain_file() : Loaded chain_file
>
> Doing this makes no sense. If you're loading the complete chain
> file, there's no reason to first load just the certificate.
>
> Just use
On Wed, Jul 27, 2016 at 10:25:42PM +0530, john gloster wrote:
> Scenario 1 - Failing case
>
> SSL_CTX_use_certificate_file() : Loaded cert_file
> SSL_CTX_use_certificate_chain_file() : Loaded chain_file
Doing this makes no sense. If you're loading the complete chain
file, there's no reason to
On Wed, Jul 27, 2016, john gloster wrote:
> Thanks Victor.
>
> Could you explain the reason in below cases? These are in cases when we use
> both the APIs as mentioned above.
>
> cert_file : Server's certifcate
> chain_file: Complete certificate chain; starting with Server's certifcate,
>
Thanks Victor.
Could you explain the reason in below cases? These are in cases when we use
both the APIs as mentioned above.
cert_file : Server's certifcate
chain_file: Complete certificate chain; starting with Server's certifcate,
followed by intermediate CA certificate and ending with Root CA
On 26/07/2016 16:09, Piotr Panasewicz wrote:
Hi,
There’s seems to be no good explanation on the website on how to build OpenSSL
with CA certificates so I thought I’ll give a try here.
I’ve copied all the CA certs I have to the certs folder and built,
unfortunately I still get certificate
On Wed, Jul 27, 2016 at 09:28:55PM +0530, john gloster wrote:
> Can we use both the following APIs in the same application to load
> certificate to the SSL context?
>
> *SSL_CTX_use_certificate_file()*
> *SSL_CTX_use_certificate_chain_file()*
For any given certificate chain use either one or
Hi,
Can we use both the following APIs in the same application to load
certificate to the SSL context?
*SSL_CTX_use_certificate_file()*
*SSL_CTX_use_certificate_chain_file()*
If we can how to use them?
Thanks in advance.
--
openssl-users mailing list
To unsubscribe:
Hi,
We needed your input for the following.
We have three different files for the secrets to be used to support SSL.
• File1(x.certificate) --> It contains the certificate of the Server.
BEGIN CERTIFICATE
Base-64 encoded data for server’s certificate
END CERTIFICATE
•