Hi All,
I’m trying to get an OCSP server operating in an SSL (really TLS1.2)
environment. It works fine in the HTTP world, but I’m having issues with
getting s_server to handle the communication in the Secure HTTPS world.
If anyone has any suggestions to get the connection to persist I’
Hi All,
My ultimate goal is to generate an RSA-PSS key that will have the PSS
parameters in the subjectPublicKey section of the TBSCertificate. In order
to do that the first need is a paramfile. Here's the command being used to
to generate the parameter file:
OpenSSL> genpkey -genparam -p
Hi All,
Once upon a time in the 0.98 timeframe, when I first configured OpenSSL as a
test OCSP server, using the format -port worked. This format however
stopped working when version 1.0 was released. After living inside Google
like Jeff Bridges in Tron, it came to light that the format
, 2017 6:49 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] RSA-PSS Certificate
On 26/10/2017 03:30, Steven Madwin via openssl-users wrote:
>
> Starting with the definition of the subjectPublicKeyInfo from RFC
> 5280, Section 4.1 Basic Certificate fields we see that
Starting with the definition of the subjectPublicKeyInfo from RFC 5280,
Section 4.1 - Basic Certificate fields we see that the entry contains two
items:
SubjectPublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier,
subjectPublicKey BIT STRING }
In RFC 4055 - Additional Algorithms
First, I know the caveat about ONLY use the OpenSSL OCSP Server for test
purposes. With that out of the way.
Is there any known plan on the horizon, when using the ocsp server, to allow
the OCSP response to be signed using the RSASSA-PSS signature algorithm?
Thanks for any and all insigh