_
_
ƒ°â█g┘⌐├Z<₧é╚ @ERROR
shutting down SSL
CONNECTION CLOSED
Steven Madwin
Software PKI Engineer
Adobe Inc.
345 Park Avenue, MS-W15
San Jose, CA 95110-2704 USA
Phone: 408.536.4343
Fax: 408.536.6024
<mailto:steven.mad...@adobe.com> steve
ion and capped off
with the -pkeyopt options it looks to me that the order is correct.
If anyone has any enlightenment for me I'd be eternally grateful.
Thanks,
Steve
Steven Madwin
Software QA Engineer
Adobe Systems Incorporated
345 Park Avenue, MS-W15
San Jose, C
all leads up to the
question, has anyone been able to get version 1.1 to act as an OCSP server
using the -port option?
Thanks,
Steve
Steven Madwin
Software QA Engineer
Adobe Systems Incorporated
345 Park Avenue, MS-W15
San Jose, CA 95110-2704 USA
Phone: 408.536.4343
Fax:
, 2017 6:49 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] RSA-PSS Certificate
On 26/10/2017 03:30, Steven Madwin via openssl-users wrote:
>
> Starting with the definition of the subjectPublicKeyInfo from RFC
> 5280, Section 4.1 Basic Certificate fields we see that
ks,
Steve
Steven Madwin
Software QA Engineer
Adobe Systems Incorporated
345 Park Avenue, MS-W15
San Jose, CA 95110-2704 USA
Phone: 408.536.4343
Fax: 408.536.6024
<mailto:steven.mad...@adobe.com> steven.mad...@adobe.com
smime.p7s
Description: S/MIME cryptographic signa
insight,
Steve Madwin
Steven Madwin
Software QA Engineer
Adobe Systems Incorporated
345 Park Avenue, MS-W15
San Jose, CA 95110-2704 USA
Phone: 408.536.4343
Fax: 408.536.6024
<mailto:steven.mad...@adobe.com> steven.mad...@adobe.com
smime.p7s
Description:
I see that the x509 command used with the -issuer_hash option returns a four
byte digest value. Is there any method using OpenSSL to procure the 20-byte
SHA-1 digest value of the issuer name?
Thanks,
Steve
cid:image001.gif@01CC0904.0EE5C480
Steven Madwin
Software QA Engineer
Hi Patrick,
Both you and Dr. Henson have made it clear that the OCSP server
implementation is only to be used for testing. With that in mind, the server
implementation does act as a server and responds to inbound requests via
http in version 0.9x, but that functionality stopped working in version
The short answers is no. An OCSP response has to be signed by the issuer (or
a delegate of the issuer) and a self-signed cert is issued by itself. As a
general rule certs can't revoke themselves so there is no need to get a
revocation response for a self-signed cert.
Steve
-Original Message--
Hi Walter,
I hope this helps.
Steve
id-pda-dateOfBirth = 1.3.6.1.5.5.7.9.1
[ subjectDirAttrib_sec ]
1.3.6.1.5.5.7.9.1 = SEQUENCE:dateOfBirth_sec #id-pda-dateOfBirth
[ dateOfBirth_sec ]
id-pda-dateOfBirth.name= OID:id-pda-dateOfBirth
id-pda-dateOfBirth.value = SET:dateOfBirth_
Hi John,
As an aside to what Gayathri said, I'm not a developer, but I have used
OpenSSL to create a complete PKI universe for testing. Using the
pre-compiled, downloadable installer I've been able to create Root
certificates, Intermediate CA certificates, and end-entity certificates of
all sha
Hi Adrien,
Just out of curiosity, what version of OpenSSL are you using? I can get OCSP
to work with version 0.9.8, but not 1.0 or later and Im looking to see if
anyone else has had any luck with the current version.
Thanks,
Steve
From: owner-openssl-us...@openssl.org
[mailto:owner-op
Has anyone been able to get OCSP working with version 1.0 or later? It works
for me with version 0.9, but not 1.0.1c. I did see where someone suggested
using an IPv6 style port address (i.e. -port :::8080), but that didn't help
(although it does work with 0.9.81 just fine).
Many thanks,
Steve
13 matches
Mail list logo