Re: [openssl-users] Use of openssl

2016-10-25 Thread Jakob Bohm
On 26/10/2016 00:54, Salz, Rich wrote: StartCom has directions on their website. I don't recall what the process is, but I've used it in the past. You might want to review the instructions StartCom provides. StartCom, owned by WoSign, has issues with firefox. More precisely: Due to

[openssl-users] rpmbuild openssl-1.0.1u

2016-10-25 Thread James Marcus
Hi, I'm trying to build a rpm for openssl-1.0.1u on CentOS 7 x86_64. To get the rpmbuild to run, I had to remove several comments in changelog, because they weren't formatted correctly. The second problem I ran into is one during the rpm staging: The tail end of the output from rpmbuild -ba

Re: [openssl-users] Use of openssl

2016-10-25 Thread Salz, Rich
> StartCom has directions on their website. I don't recall what the process is, > but I've used it in the past. You might want to review the instructions > StartCom provides. StartCom, owned by WoSign, has issues with firefox. > Let's Encrypt is new and has become very popular. I don't know

Re: [openssl-users] Use of openssl

2016-10-25 Thread Salz, Rich
Check out www.letsencrypt.org -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Use of openssl

2016-10-25 Thread Jeffrey Walton
> I've a free certificate from startssl for my email address. Now I would > like to create a certificate for one of my internet domain. How can I do > that? Can I use openssl? Is there a free service like cacert.org that allow > to deploy free class IV certificates that are recognized? > Sorry

[openssl-users] Use of openssl

2016-10-25 Thread Jean Tinguely Awais
Hello, I've a free certificate from startssl for my email address. Now I would like to create a certificate for one of my internet domain. How can I do that? Can I use openssl? Is there a free service like cacert.org that allow to deploy free class IV certificates that are recognized? Sorry for

Re: [openssl-users] Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

2016-10-25 Thread Matt Caswell
On 25/10/16 09:01, Sanjaya Joshi wrote: > Hello, > > 1) > In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178: > > " > *) Constant time flag not preserved in DSA signing > > Operations in the DSA signing algorithm should run in constant time in > order to

Re: [openssl-users] openssl dgst -sha256 - result differs from Bouncycastle SHA256 digest for same input

2016-10-25 Thread Kristian
Maybe different encodings like here: http://stackoverflow.com/questions/6839969/md5-hash-with-different-results 2016-10-25 7:36 GMT+02:00 shanthi thomas : > Hi, > I read that this happens because openssl is treating the input as > characters as opposed to binary data. But

[openssl-users] Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

2016-10-25 Thread Sanjaya Joshi
Hello, 1) In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178: " *) Constant time flag not preserved in DSA signing Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA