Re: [openssl-users] private key difference: openssl genrsa vs opnessl req newkey

2017-08-02 Thread Michele Mase'
tx for the support. I will try a solution with the problematic software. Best regards Michele MAsè On Tue, Aug 1, 2017 at 6:55 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Wed, Jul 26, 2017 at 09:21:43PM +0200, Michele Mase' wrote: > > > So, what should be the c

Re: [openssl-users] private key difference: openssl genrsa vs opnessl req newkey

2017-08-01 Thread Michele Mase'
Anyone? On Wed, Jul 26, 2017 at 9:21 PM, Michele Mase' <michele.m...@gmail.com> wrote: > Tx. > So, what should be the command line to use in order to obtain the same key? > openssl genrsa > openssl req -nodes -newkey rsa:2048 some_extra_parameters > Michele MA

Re: [openssl-users] private key difference: openssl genrsa vs opnessl req newkey

2017-07-26 Thread Michele Mase'
Tx. So, what should be the command line to use in order to obtain the same key? openssl genrsa openssl req -nodes -newkey rsa:2048 some_extra_parameters Michele MAsè On Wed, Jul 26, 2017 at 6:29 PM, Benjamin Kaduk <bka...@akamai.com> wrote: > On 07/26/2017 10:13 AM, Michele Ma

[openssl-users] private key difference: openssl genrsa vs opnessl req newkey

2017-07-26 Thread Michele Mase'
During the generation of x509 certificates, both commands give the same results: Command "a": openssl req -nodes -newkey rsa:2048 -keyout example.key -out example.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com" Command "b": openssl genrsa -out example.key

Re: Similar issuer dn mod_ssl client authentication issue

2013-05-29 Thread Michele Mase'
Dear openssl group, could you solve this issue regarding mod_ssl? Michele Masè On Thu, May 23, 2013 at 10:11 AM, Michele Mase' michele.m...@gmail.com wrote: Okay, openssl works, but mod_ssl doesn't. Is this a real problem? Instead try hacking mod_ssl code ... Could I ask for a bug/improvement

Re: Similar issuer dn mod_ssl client authentication issue

2013-05-23 Thread Michele Mase'
...@openssl.org On Behalf Of Michele Mase' Sent: Tuesday, 21 May, 2013 04:16 I was wrong! Does it work with client=Firefox using client certs under both CAs? I would expect at least one to fail. Note that s_server -verify doesn't *require* client cert, it only *allows* it; how did you check Firefox

Re: Similar issuer dn mod_ssl client authentication issue

2013-05-21 Thread Michele Mase'
supplier? Best regards Michele Masè On Sat, May 18, 2013 at 12:20 AM, Dave Thompson dthomp...@prinpay.comwrote: From: owner-openssl-us...@openssl.org On Behalf Of Michele Mase' Sent: Friday, 17 May, 2013 10:04 What I did: openssl: Commandline for the openssl s_server (sorry for my typo

Re: Similar issuer dn mod_ssl client authentication issue

2013-05-17 Thread Michele Mase'
:28 AM, Dave Thompson dthomp...@prinpay.comwrote: From: owner-openssl-us...@openssl.org On Behalf Of Michele Mase' Sent: Monday, 13 May, 2013 05:33 I'm testing a client authentication using [Apache with 1.0.0-fips] I have 2 CA's x509 pem files, bundled. CA1 signs client1 certificate files

Similar issuer dn mod_ssl client authentication issue

2013-05-13 Thread Michele Mase'
I'm testing a client authentication using: SSLCACertificateFile /path/to/pemfile.pem LocationMatch /test SSLVerifyClient require SSLVerifyDepth 2 /LocationMatch My env: CentOS 6.4, OpenSSL 1.0.0-fips 29 Mar 2010, Server version: Apache/2.4.3 (Unix) - Server built: Feb 7 2013