Anyone there have any information on generation of client certificates with openssl?
I can generate them (albeit only for Netscrape at the moment - IE doesn't seem to be
playing ball) but Netscape won't verify them claiming it's not certified for email.
Check to see the CA that has certified
l of you
are willing to contribute to the requirements, I am prepared to finally do
my share of development (sorry, have not been programming that much for the
past 2 years...)
Jan Meijer
SURFnet
--
alive ~ true
__
Again, slightly off-topic.
We use apache as a proxy server. All you need to do is turn on
443 in addition to the normal 80 socket in the server. Works fine for
us and 5 proxy servers running apache. I recommend apache as a
proxy *very* highly.
I've tested the apache-proxy as well, in
Hi everyone,
Thanks for the reactions. I'm more confident in using it now :), if we have
some notible experiences during our use I'll be sure to mail them to the
stunnel mailinglist :)
Jan
--
alive=true
__
OpenSSL Project
Hi,
We're planning on using stunnel in a production environment, but only if we
can somehow verify how trustworthy it is. We could perform a
source-code-review, but perhaps it's fully trusted by you all?
Jan
--
alive=true
__
Hi,
Perhaps a little off-topic, but think it is still relevant. Now our ca is
nearing completion we are thinking about setting up a pilot testsite.
What we want to do is the following:
Outside -- WebsiteA -- |firewall| -- WebsiteB
We want our employees to be able to get to websiteB through
Dear Steve,
I've also added a brand new 'spkac' program that prints out the whole
SPKAC structure and allows one to be created from a private key. Its
based on your original idea but rewritten from scratch.
Since its all very new I'd appreciate any comments. There may well be
the odd bug
Hi Massimiliano,
You are asking wich type of algorithm the user is about to use (DSA/RSA/
whatever) ?
Yep.
I am not sure I understood it (partially because I never took a close look
to PGP ... blame me (!!!)): can you make some real example ? Cout that be
the public key itself contained
[Thu Aug 26 19:21:36 1999] [crit] Required SSLCacheServerPort missing
[Thu Aug 26 19:24:26 1999] [crit] Required SSLCacheServerPort missing
[Thu Aug 26 20:21:36 1999] [crit] Required SSLCacheServerPort missing
[Fri Aug 27 17:12:02 1999] [crit] Required SSLCacheServerPort missing
Well, it
Most CAs will have some requirements on the lengths of the public keys they
will sign. Currently the CA has to manually check the key length once a
certificate request arrives since "openssl ca" gives no indication about
the key length. I think it would be a good idea if the CA could use the
Hi,
I'm currently working on implementing openssl as a production CA (for the
SURFnet office certification authority, SURFnet is the Dutch research net.).
We want to implement the verification procedures around the technical signing
procedures, and now I stumbled into a slight problem. I
11 matches
Mail list logo