Re: "twice-signed certificate"

Did I get it right: Site 1 Site 2 CA1 creates private key1 and CSR1 CA2 creates private key2 and CSR2 CA1 root certificate1a = CSR1 self-signed with private key1 CA2 root certificate2a = CSR2 self-signed with CA2 private key CA1 root certificate1b = CS

Re: Cisco VPN Client

- Original Message - From: "Dattesh Lotlikar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 24, 2003 6:23 AM Subject: Re: Cisco VPN Client > Did u try "openssl req -text -inform DER -in myReq.cer" ?? > regards, > dattesh Yes, result: unable to load X509 request

OCSP Server

Hi, the ocsp server manpage explains the "rsigner" option as follows: -rsigner file specifies the certificate to sign OCSP responses with. I thought you sign something with a private key, not with a certificate? When I specify the CA's key here, which starts with "-BEGIN RSA PRIVATE KEY

Outlook Express CRL-Checking

Hi, does anyone know how Outlook Express checks CRLs? I included crlDistributionPoints = URI:http://mySite/myCrl.crl into openssl.cnf In OE I set Extras | Optionen | Sicherheit | Erweitert ... | Zertifikate prüfen | Auf widerrufene digitale IDs prüfen: Nur wenn online which should translate to

Re: diagram explaining encryption using openssl

Hi Michael, - Original Message - From: "Michael Sierchio" <[EMAIL PROTECTED]> Sent: Saturday, September 20, 2003 5:22 PM > > You mention, that the data is "encrypted using the sender's private key ... > > to ensure that data is sent by the intended sender". Even though you sometimes >

Re: diagram explaining encryption using openssl

Hi Sarah, On Saturday, September 20, 2003 4:06 PM Sarah Haff wrote: Attached is a highlevel diagram that depicts how openssl will be utilized in the application for encrypting data from the sender to the receiver. You mention, that the data is "encrypted using the sender's private key .

Re: viewing contents of a Digital Certificate

sing OpenSSL. Go to http://ca.barmala.com/dump.en.php (or dump.de.php if you prefer German). This web interface basically invokes the command "openssl x509 -text -in mycertificate.cer" Christian Barmala __ OpenSSL Project

Re: Subject Attribute Email has no known NID, skipped

Hi Stephen, thank you for your fast reply. - Original Message - From: "Dr. Stephen Henson" <[EMAIL PROTECTED]> Sent: Sunday, August 31, 2003 3:30 PM > > When I use "Email" I get the Error Message: "Subject Attribute Email has no > > known NID, skipped" > > I think that is a bug... Good