Thanks Jakob. Thanks a lot.
On Wed, Nov 21, 2018 at 10:58 PM Jakob Bohm via openssl-users <
openssl-users@openssl.org> wrote:
> I think you missed the following:
>
> Because CBC is the oldest block cipher mode in SSL and
> TLS, the cipher suites using CBC don't include the
> letters "CBC" in
On Wed, Nov 21, 2018 at 05:45:19PM +, Filipe Fernandes wrote:
> I've followed your example, and it looks like the server is doing what it's
> supposed to, however, I'm getting a disconnect from the server when the
> session expires. Which should not happen, and I can't seem to find a reason
>
On Wed, Nov 21, 2018 at 11:36:46AM -0800, Ken wrote:
> I tested using s_client, on both systems, with no options, with CAfile
> pointing to the correct CA, and with CAfile pointing to the WRONG CA
> file - the only time it failed was on the new version, with the wrong
> file. (Results
>For example, I want the string "SSL_R_TOO_MANY_WARN_ALERTS" for an
error with that value, not just the "too many alerts" description.
You're correct, it's not done.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
For example, I want the string "SSL_R_TOO_MANY_WARN_ALERTS" for an
error with that value, not just the "too many alerts" description.
I'm suspecting not, I don't see any use of #reason in ERR_REASON() or
the macros it uses.
--
openssl-users mailing list
To unsubscribe:
Hi Viktor,
I tested using s_client, on both systems, with no options, with CAfile
pointing to the correct CA, and with CAfile pointing to the WRONG CA
file - the only time it failed was on the new version, with the wrong
file. (Results attached.) I guess the new version is better at checking
I've misjudged. The socket is closed even if the session has not ended
(I've set the session timeout to 10 times the resumption cycle).
You can check the tcpdump here:
https://imgfly.me/i/66LJY
I'm doing exactly what is on the s_server example, without avail.
if
Hi Viktor,
I've followed your example, and it looks like the server is doing what it's
supposed to, however, I'm getting a disconnect from the server when the
session expires. Which should not happen, and I can't seem to find a reason
for this to be happening.
As previously said, I'm developing
I think you missed the following:
Because CBC is the oldest block cipher mode in SSL and
TLS, the cipher suites using CBC don't include the
letters "CBC" in their names.They simply don't mention
a different mode (such as GCM or CCM).
For example ECDHE-RSA-AES128-SHA uses AES128 in CBC mode.
On
> On Nov 21, 2018, at 3:11 AM, 毛 wrote:
>
> We are using SSL_CTX_use_certificate() instead of
> SSL_CTX_use_certificate_chain_file().
Do you then add chain certificates one by one?
> Does it also support multiple certificate chains?
I believe it will work correctly in 1.1.x, and perhaps in
Hi Viktor, Many thanks for your response.
We are using SSL_CTX_use_certificate() instead of
SSL_CTX_use_certificate_chain_file(). Does it also support multiple certificate
chains?
And as I know, OpenSSL 1.0.2 and later have a separate chain store for each
type of certificate (RSA, ECC or
11 matches
Mail list logo