To answer my own question: Use 512, 1024 and 504, 1016 in both cases
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hi all,
We are using the OpenSSL FIPS module v2.0 and are in the process of certifying
the algorithms for our implementation. As part of this process there are
different types of questionnaires about the algorithms. The questionnaire for
AES GCM mode asks:
:
:
Input Data Lengths (0 to 65536
Hi,
I have Ubuntu 14.04 which has OpenSSL 1.0.1f installed and I fail to execute
the following command which is given as example on the genpkey(1) page:
openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2
Fails with: parameter setting error
Help please - thanks
LJB
Hi,
We are in the process of validating our product to FIPS 140-2 level 3. The
product is based on OpenSSL FIPS Object Module v2.0.2.
I have a question/concern with regard to the latest Summary of SP 800-131A and
FIPS 186-2 to FIPS 186-4 Transitions document from the CAVP. Please correct me
Hi,
We are switching to our own CA for in house networking. To test I've
used it to sign a server certificate and a client certificate. The
subject and issuer output for all three certificates is...
...CA:
$ openssl x509 -subject -issuer -noout -in gandalf_cacert.pem
subject=
Hi all,
I have just created a new CA which has the extension to allow client
authentication. My previous CA worked fine without this extension but some
client application now requires that I set it. So I've created a new client key
pair and signed it with the new CA, but when I use openssl
Hi all,
I have just created a new CA which has the extension to allow client
authentication. My previous CA worked fine without this extension but
some client application now requires that I set it. So I've created a
new client key pair and signed it with the new CA, but when I use
openssl
Hi All,
I have a Win program that communicates securely with one of our servers. We
are still running SSLeay-0.8.1. (Don't touch something when it works, unless
you must). We want to support PKCS#12 files in our client and I had to
upgrade to OpenSSL-0.9.3.a (the server guys are also in the