Re: [openssl-users] openssl -check

    Gesendet: Mittwoch, 06. September 2017 um 18:06 Uhr Von: "Jakob Bohm" An: openssl-users@openssl.org Betreff: Re: [openssl-users] openssl -check On 06/09/2017 16:18, "Georg Höllrigl" wrote: > Hello, > Is there a way to verifiy a cert? > I'm thinking about some equivalent to > openssl rsa -n

Re: [openssl-users] Env variables in config file to add a whole line

On 06/09/2017 19:34, Robert Moskowitz wrote: On 09/06/2017 01:31 PM, Salz, Rich via openssl-users wrote: … $crlDP $ocspIAI This is not supported.  You can only put variables in *values* OK.  But now I have to work out values. Bob As previously, have a set of "certificate prof

Re: [openssl-users] Env variables in config file to add a whole line

On 09/06/2017 01:31 PM, Salz, Rich via openssl-users wrote: … $crlDP $ocspIAI This is not supported. You can only put variables in *values* OK. But now I have to work out values. Bob -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo

Re: [openssl-users] Env variables in config file to add a whole line

… $crlDP $ocspIAI This is not supported. You can only put variables in *values* -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Env variables in config file to add a whole line

I got past the error to build the CSR by using: crlDistributionPoints = $ENV::crlDP authorityInfoAccess = $ENV::ocspIAI Just $crlDP failed even though I had this defined in the [ca} section. The CSR does not use the user_cert or server_cert. This was 'just' a config file syntax issue. When I

[openssl-users] Env variables in config file to add a whole line

I am trying to use an environment variable to add a whole line to the config file. This is to control adding (or not providing) CRL and/or OCSP support. export shows: declare -x crlDP="crlDistributionPoints = URI:http://www.htt-consult.com/pki/intermediate.crl.pem"; declare -x default_crl_d

Re: [openssl-users] ASN1_TIME to time_t

On Wed, Sep 06, 2017, Michael Wojcik wrote: > > From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > > Of Dr. Stephen Henson > > Sent: Wednesday, September 06, 2017 10:26 > > > > No but there is a a round about way of achieving the same result. The > > ASN1_TIME_diff() funct

Re: [openssl-users] openssl -check

On 06/09/2017 16:18, "Georg Höllrigl" wrote: Hello, Is there a way to verifiy a cert? I'm thinking about some equivalent to openssl rsa -noout -in example.key -check but for the public part. I found some broken certifiate (lines in the PEM encoding got swapped) openssl x509 -in broken.cer but see

Re: [openssl-users] ASN1_TIME to time_t

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Jakob Bohm > Sent: Wednesday, September 06, 2017 09:27 > > On 06/09/2017 14:17, Michael Wojcik wrote: > > > struct tm is local time, so you need to adjust for timezone. > > It's not as much struct tm, as it is the mkt

Re: [openssl-users] ASN1_TIME to time_t

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Dr. Stephen Henson > Sent: Wednesday, September 06, 2017 10:26 > > No but there is a a round about way of achieving the same result. The > ASN1_TIME_diff() function will determine the difference between two > ASN1_TIME

Re: [openssl-users] ASN1_TIME to time_t

On Wed, Sep 06, 2017, Dmitry Belyavsky wrote: > Dear Matt, > > On Wed, Sep 6, 2017 at 11:16 AM, Matt Caswell wrote: > > > > > > > On 06/09/17 09:12, Dmitry Belyavsky wrote: > > > Hello, > > > > > > Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick > > > googling does not s

[openssl-users] openssl -check

Hello,   Is there a way to verifiy a cert? I'm thinking about some equivalent to   openssl rsa -noout -in example.key -check   but for the public part.   I found some broken certifiate (lines in the PEM encoding got swapped)   openssl x509 -in broken.cer but see no way to verify...   c

Re: [openssl-users] Problem with Last step in setup

Looks like changing to root did it….Sometimes when your string at the screen for hours doing other things, the answer passes you by….Thanks for the support Elio Gerardi – Cloud Architect Hyperscaler GTM team Cloud Business Unit cloud.netapp.com NetApp 646.313.3079 Direct Phone 914.4

Re: [openssl-users] Query on usage of openssl 1.1.0f with openssl-FIPS

Support for DTLS 1.2 was one of the major changes from 1.0.1 to 1.0.2, see https://www.openssl.org/news/openssl-1.0.2-notes.html From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Salz, Rich via openssl-users Sent: Wednesday, September 06, 2017 06:49 To: openssl-users@op

Re: [openssl-users] Query on usage of openssl 1.1.0f with openssl-FIPS

Ø I am unable to find the openssl-fips module for 1.1.0f. Do you know when it will be available? We have no date. Work hasn’t fully started, and isn’t fully funded. Perhaps your company would like to help? :) See our blog for updates (look in the archive for postings with FIPS in the title;

Re: [openssl-users] ASN1_TIME to time_t

On 06/09/2017 14:17, Michael Wojcik wrote: From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Dmitry Belyavsky Sent: Wednesday, September 06, 2017 04:12 Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick googling does not show good results. We just

Re: [openssl-users] SSL_CTX_set_cipher_list returns failure for DHE-DSS-AES256-GCM-SHA384

On 09/06/2017 12:02 AM, mahesh gs wrote: > Hi All, > > I am using openssl version 01.01.00f for providing TLS and DTLS > security for TCP and SCTP connection for our application. I have query > regarding the "Ciphers" that are accepted by the > SSL_CTX_set_cpiher_list API. The list of ciphers that

Re: [openssl-users] ASN1_TIME to time_t

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Dmitry Belyavsky > Sent: Wednesday, September 06, 2017 04:12 > Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick > googling does not show good results. We just implemented it ourselves, by pars

Re: [openssl-users] ASN1_TIME to time_t

On 06/09/17 09:20, Dmitry Belyavsky wrote: > Dear Matt, > > On Wed, Sep 6, 2017 at 11:16 AM, Matt Caswell > wrote: > > > > On 06/09/17 09:12, Dmitry Belyavsky wrote: > > Hello, > > > > Is there a way to convert ASN1_TIME to time_t or smth compatible?

Re: [openssl-users] ASN1_TIME to time_t

Dear Matt, On Wed, Sep 6, 2017 at 11:16 AM, Matt Caswell wrote: > > > On 06/09/17 09:12, Dmitry Belyavsky wrote: > > Hello, > > > > Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick > > googling does not show good results. > > In master you can use ASN1_TIME_to_tm() which w

Re: [openssl-users] ASN1_TIME to time_t

On 06/09/17 09:12, Dmitry Belyavsky wrote: > Hello, > > Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick > googling does not show good results. In master you can use ASN1_TIME_to_tm() which will give you a struct tm. Not available in released versions yet though. Matt -

[openssl-users] ASN1_TIME to time_t

Hello, Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick googling does not show good results. Thank you! -- SY, Dmitry Belyavsky -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users