Re: [openssl-users] How to form a proper hash after writing something into SSL handshake.

2017-12-28 Thread Michael Sierchio
Comic Sans. Need I say more? On Tue, Dec 26, 2017 at 4:53 AM, Sai Teja Chowdary < asteja.chowdary.ec...@itbhu.ac.in> wrote: > > > Hi, > > > > Happy Holidays everyone. > > > > I want to send client certificate, client key exchange and client verify > in a single handshake message which appears as

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Salz, Rich via openssl-users
The difference is “auto private key” versus “RSA private key.” > -----BEGIN PRIVATE KEY----- This is a private key wrapped in a PKCS8 container with a key-type identifier. root@Test-MCP:/usr/local/etc/HD-MCP/ssl/x # openssl rsa -inform pem -in test.key -outform der -out key.der writing RSA key

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Karl Denninger
On 12/28/2017 18:31, Salz, Rich via openssl-users wrote: > > It is hard to follow this thread with all the indenting. > >   > > >  If I take a PEM-encoded RSA private key file and convert it to > binary (using b64decode) what I get is not the same thing as I get > from "openssl rsa -inform pem -in

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Salz, Rich via openssl-users
It is hard to follow this thread with all the indenting. > If I take a PEM-encoded RSA private key file and convert it to binary (using > b64decode) what I get is not the same thing as I get from "openssl rsa > -inform pem -in key -outform der -out key.der". How do you convert it? Did you str

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Karl Denninger
On 12/28/2017 16:57, Karl Denninger wrote: > On 12/28/2017 16:15, Karl Denninger wrote: >> On 12/26/2017 14:07, Kurt Roeckx wrote: >>> On Tue, Dec 26, 2017 at 01:42:57PM -0600, Karl Denninger wrote: On 12/26/2017 13:14, Salz, Rich via openssl-users wrote: > So if you put locks around the S

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Karl Denninger
On 12/28/2017 16:15, Karl Denninger wrote: > On 12/26/2017 14:07, Kurt Roeckx wrote: >> On Tue, Dec 26, 2017 at 01:42:57PM -0600, Karl Denninger wrote: >>> On 12/26/2017 13:14, Salz, Rich via openssl-users wrote: So if you put locks around the SSL_CTX object when it’s used, then you can u

Re: [openssl-users] New usability feature

2017-12-28 Thread Viktor Dukhovni
> On Dec 28, 2017, at 5:16 PM, Salz, Rich via openssl-users > wrote: > > No, but that would be simple to add if you are up for doing the PR. For the record, as mentioned in a previous post, this is already available for self-signed certificates (via openssl req -x509). What's missing is suppo

[openssl-users] Can't build OpenSSL on Windows

2017-12-28 Thread Martin Galvan
Hi all, I'm trying to build OpenSSL on Windows. I'm using the nmake that came with Visual Studio 2017, NASM, ActivePerl and have installed the Test::More and Test::Template modules. nmake, perl and nasm are all visible in my system Path variable. This is what I'm seeing: C:\Users\e1\openssl\sourc

Re: [openssl-users] New usability feature

2017-12-28 Thread Salz, Rich via openssl-users
No, but that would be simple to add if you are up for doing the PR. For now, the cert config file would have to copy the extensions. From: Dmitry Belyavsky Date: Thursday, December 28, 2017 at 4:34 PM To: Rich Salz , openssl-users Subject: Re: [openssl-users] New usability feature Dear Rich,

Re: [openssl-users] Question as to best options....

2017-12-28 Thread Karl Denninger
On 12/26/2017 14:07, Kurt Roeckx wrote: > On Tue, Dec 26, 2017 at 01:42:57PM -0600, Karl Denninger wrote: >> On 12/26/2017 13:14, Salz, Rich via openssl-users wrote: >>> So if you put locks around the SSL_CTX object when it’s used, then you >>> can use the set private key call to update the key; an

Re: [openssl-users] New usability feature

2017-12-28 Thread Viktor Dukhovni
> On Dec 28, 2017, at 4:34 PM, Dmitry Belyavsky wrote: > > Great news! > Does it work for certificates too? The updated documentation says: +=item B<-addext ext> + +Add a specific extension to the certificate (if the B<-x509> option is +present) or certificate request. The argumen

Re: [openssl-users] New usability feature

2017-12-28 Thread Dmitry Belyavsky
Dear Rich, Great news! Does it work for certificates too? On Thu, Dec 28, 2017 at 11:51 PM, Salz, Rich via openssl-users < openssl-users@openssl.org> wrote: > Having wrestled with this in the past, I want to point out that with > commit https://github.com/openssl/openssl/commit/ > bfa470a4f643

[openssl-users] New usability feature

2017-12-28 Thread Salz, Rich via openssl-users
Having wrestled with this in the past, I want to point out that with commit https://github.com/openssl/openssl/commit/bfa470a4f64313651a35571883e235d3335054eb in master, it’s now possible to put a SAN field (or any extension) in a cert request via the command line; no special custom config or fa

Re: [openssl-users] [EXTERNAL] Certificate gets verified OK over SSL-CLI, but not when using SSL-API

2017-12-28 Thread Salz, Rich via openssl-users
> Hence, if at all, verification requirements must have been lowered in the new > OpenSSL version. No, it is also the case that the new version now more correctly accepts some chains as valid that because of bugs, the old version did not.

Re: [openssl-users] Certificate gets verified OK over SSL-CLI, but not when using SSL-API

2017-12-28 Thread Viktor Dukhovni
> On Dec 28, 2017, at 4:54 AM, Manuel Wagesreither wrote: > > Thanks for your feedback. Unfortunately I cannot include the certificate raw > data as it may contain sensitive information. Also, I'm unable to replace > them with self-made certificates as I don't know the parameters the original

Re: [openssl-users] [EXTERNAL] Certificate gets verified OK over SSL-CLI, but not when using SSL-API

2017-12-28 Thread Manuel Wagesreither
On Fri, 22 Dec 2017, at 20:31, Sands, Daniel wrote: > On Fri, 2017-12-22 at 11:14 +0100, Manuel Wagesreither wrote: > > Unfortunately this didn't work either. The end result is the same; > > OpenSSL still emits a "certificate signature failure" with an error > > depth of 0. > > > In light of wha

Re: [openssl-users] Certificate gets verified OK over SSL-CLI, but not when using SSL-API

2017-12-28 Thread Manuel Wagesreither
Thanks for your feedback. Unfortunately I cannot include the certificate raw data as it may contain sensitive information. Also, I'm unable to replace them with self-made certificates as I don't know the parameters the original ones were created with in the first place. The original creators are