RE: howto build without ssl2

2000-10-19 Thread Barnes, Michael L.
That is not a compile time option, but you can easily specify either in your application or an existing one (like modssl) to not use ssl2. Mike > -Original Message- > From: Thomas Leyer [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 19, 2000 11:48 AM > To: [EMAIL PROTECTED] > Subje

SSL/TLS overhead again

2000-09-27 Thread Barnes, Michael L.
Where I work we are going to deploy a large secure site, and the question comes up over and over again about the bandwidth overhead involved with SSL/TLS when using client authenticated certs. By using openssl s_client to connect to our SSL server here is the results: content = 2529 bytes or 2

RE: incrementing serial by 2

2000-09-26 Thread Barnes, Michael L.
Line 898 in openssl 0.9.6a in apps/ca.c change: if (!BN_add_word(serial,1)) goto err; to if (!BN_add_word(serial,2)) goto err; Mike > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, September 26, 2000 11:43 AM > To: [EMAIL PROTECTED] > Subje

RE: Compile errors

2000-08-11 Thread Barnes, Michael L.
Make sure that your download was not corrupt or something, because there is no occurance of "mf" anywhere in the file. Mike > -Original Message- > From: Ashley Horn [mailto:[EMAIL PROTECTED]] > Sent: Friday, August 11, 2000 1:05 PM > To: [EMAIL PROTECTED] > Subject: Compile errors > >

RE: Geting certificate expiration date

2000-07-20 Thread Barnes, Michael L.
yy mm dd hh mm ss Z year month day hour minute second 'Z' for UTC Mike > -Original Message- > From: Joe Manning [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 20, 2000 11:58 AM > To: [EMAIL PROTECTED] > Subject: Re: Geting certificate expiration date > > > > > This should wo

RE: Apache mod to require client certs?

2000-07-12 Thread Barnes, Michael L.
modssl maybe, yeah I think that will do it :) > -Original Message- > From: Yuji Shinozaki [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 12, 2000 3:17 PM > To: [EMAIL PROTECTED] > Subject: Apache mod to require client certs? > > > > I know one can do this via a cgi-bin, but does an

RE: Help! I wish for a CA HOWTO ...

2000-06-14 Thread Barnes, Michael L.
the following url is helpful: http://slwww.epfl.ch/SIC/SL/CA/ I however have done all of my own ca stuff by looking at the sign.sh file and by writing a certificate server to sign ppls certs. Hope this helps. Mike > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED

RE: how to download a certificate to browser?

2000-02-29 Thread Barnes, Michael L.
You can't usually use printf("%s") on binary data because it will stop at the first NULL. I've enclosed a simple working sample. #include #include #include #include #include int main(int argc, char **argv) { FILE *in; void *buf; struct stat st; if (argc > 1) { i