I'm having trouble getting RAND_status() to return 1 when my openssl.cnf
has both the default provider and the fips provider configured at the same
time:
openssl_conf = openssl_init
[openssl_init]
providers = provider_sect
[provider_sect]
default = default
Angus Robertson - Magenta Systems Ltd wrote:
> Also, there is an assumption OpenSSL is only used by other C developers,
> by the use of public macros that are not usable in any other language.
> BoringSSL replaced macros with exports and OpenSSL should consider
> doing the same.
> The idea being that supporting existing users means not changing
> the existing API, whereas catering to new users means working
> towards a new fresh consistent API.
OpenSSL has been in use for getting on for 20 years (I think) and may
still be in use in another 20 years, so can not stay stil
HI All,
I tried openssl ocsp for ipv6 and got the error message for the
OCSP.
IPv6 address with the "[]" bracket.
---
openssl ocsp -url http://*[2001:DB8:64:FF9B:0:0:A0A:285E]*:8090/ocsp-100/
-issuer /etc/cert/ipsec/cert0/ca.crt -CAfile /et
On 02/11/2020 09:00, Mahendra SP wrote:
> Hi Matt,
>
> Error is reported from this:
> FILE:../openssl-1.1.1b/ssl/statem/statem_srvr.c, FUNCTION:415,
> LINE:3055, reason=147, alert=51
>
> We see that hardware is returning 48 bytes. Even if the decrypted
> premaster data is correct, opensslĀ is e
Hi Matt,
Error is reported from this:
FILE:../openssl-1.1.1b/ssl/statem/statem_srvr.c, FUNCTION:415, LINE:3055,
reason=147, alert=51
We see that hardware is returning 48 bytes. Even if the decrypted premaster
data is correct, openssl is expecting more than 48 bytes in return.
This check fails as