IMHO, many providers are dynamically loadable modules, i.e. shared objects
(.so). This is in conflict with the "no-shared" flag used.
Petr
From: openssl-users On Behalf Of Lee
Staniforth
Sent: Tuesday, December 21, 2021 4:09 PM
To: openssl-users@openssl.org
Subject: undefi
work
possible. Thank you very much!
Kind Regards,
Petr
Shiva,
you may also have a look at the https://github.com/provider-corner/vigenere
That's (as far as I know) the most simple provider implementation available.
Petr
-Original Message-
From: openssl-users On Behalf Of Tomas Mraz
Sent: Wednesday, September 15, 2021 2:18 PM
To: Shiva
uest;
StatusString: "wrong certid"; errorCode: 1DBD; errorDetails: CMP routines,
wrong certid
What am I doing wrong, please? It is quite obvious the new certificate will
have a different certid, isn't it?
Kind Regards,
Petr
any wrong conclusions I have
made.
Could you, please, look comment it, or possibly advice some workaround
(something like the "no-sse2" config option)?
Thank you very much.
Kind regards,
Petr Filipsky
any wrong conclusions I have
made.
Could you, please, look comment it, or possibly advice some workaround
(something like the "no-sse2" config option)?
Thank you very much.
Kind regards,
Petr Filipsky
Hi, I have problem with generate pks12 certificate for digital signing of
email. Can I ask how to add this field to subject?
openssl ca -in request.pem -out cert.pem -subj "/emailAddress=
petr.kostr...@xxx.cz/CN=Petr Kostroun/OU=EMPLOYEE/O=xxx/ST=Czech
Republic/C=CZ" -conf ./openssl.c
thx
Hi Peter:
On 2010-11-12, at 5:21 AM, Petr wrote:
Hi,
I need create Root CA and Sub CA, which will release certificate for web server
and will have certificate chain ok. I tried it myself but all certificates were
damaged and useless.
Can me anyone please write a step by step manual
Hi,
I need create Root CA and Sub CA, which will release certificate for web
server and will have certificate chain ok. I tried it myself but all
certificates were damaged and useless.
Can me anyone please write a step by step manual?
Peter
Commenting out apps/ca.c line 898-902 does "solve" this problem. IMHO
this looks like bug in check_time_format. Does anybody know less dirty
solution ?
--
Petr Silhavy
Just because you're paranoid doesn't mean they AREN
Kyle Hamilton <[EMAIL PROTECTED]> writes:
> What's the validity period for your CA certificate?
>
openssl x509 -in CA/cacert.pem -dates
notBefore=Oct 1 14:24:42 2003 GMT
notAfter=Aug 8 14:24:42 2036 GMT
...
> and did you really mean '1902'?
yes
>
> -Kyle H
file:conf_def.c:197:
No newcert.pem is created. Last "successfully" signed certificate has expire
date ~1902, probably (time_t)-1. Tested under openssl-0.9.7c and openssl-0.9.8a.
Playing with -days and -enddate doesn't help. Thanks in advance.
--
Petr Silhavy
Hello,
did anybody try to add OCSP revocation checking into standard openssl
verification routines (such as X509_verify_cert->check_revocation())?
I know we have ocsp utility, but I want to check OCSP just as simply as it can
be done with CRL now - set appropriate flag, and call X509_verify_cert(
Hi,
can I establish SSL conection without certificate and private key?
I need only secure conection without authentication.
I have tried this but SSL_accept return this error: (1)
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher.
Thanks,
Petr
t's not too clear since I have to delete the file
afterwards. Is there any possible way to verify temporary certificate
without saving user_certificate to a file? I'm keeping both the
certificates in X509 structures.
Regards
Petr Holub
--
e-mail: [EMAIL PROTECTED]
Web_page: http://w
=Institute of Computer Science/CN=Petr
[EMAIL PROTECTED]/CN=proxy
error 20 at 0 depth lookup:unable to get local issuer certificate
I think, that the problem is in subject and issuer in my certificate.
If I have run openssl with strace, I saw that the new version was
looking for wrong "hash name&qu
16 matches
Mail list logo