Re: undefined symbol: OSSL_provider_init when running "make test"

2021-12-22 Thread Dan Fulger
I have not compiled OpenSSL 3.0 yet, but I am pretty sure that -fvisibility=hidden will at least break the temporary shared objects created by the unit tests, if not everything else in OpenSSL.

An idiosyncratic port of OpenSSL 1.1.1m to OS/400 ILE

2021-12-14 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with OpenSSL).   The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1fttbz2T9wtVUM

RE: Openssl 1.1.1l compilation issue for aix64-cc

2021-10-29 Thread Dan Fulger
OpenSSL 1.1.1l does not contain -D_XOPEN_SOURCE=700. So you must have added it on the Configure command line or by patching the source code. On AIX (any version), this disables _ALL_SOURCE.  

An idiosyncratic port of OpenSSL 1.1.1l to OS/400 ILE

2021-08-26 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with OpenSSL).   The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. I had to rewrite the EBCDIC support in clienthellotest.c.   AS400patch.tar.gz (large patch for OpenSSL and

An idiosyncratic port of OpenSSL 1.1.1j to OS/400 ILE

2021-02-22 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with OpenSSL).   The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz.   AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1gAKV6X1xpNxl

RE: OpenSSL 1.1.1g Windows build slow rsa tests

2021-01-21 Thread Dan Heinz
-Original Message- From: openssl-users On Behalf Of Michael Wojcik Sent: Thursday, January 21, 2021 9:28 AM To: openssl-users@openssl.org Subject: RE: OpenSSL 1.1.1g Windows build slow rsa tests > >From: openssl-users On Behalf Of > >Dr Paul Dale > >Sent: Wednesday, 20 January, 2021 19

OpenSSL 1.1.1g Windows build slow rsa tests

2021-01-20 Thread Dan Heinz
Hello, I'm building openssl 1.1.1g on multiple platforms and I found that the rsa speed tests are significantly slower in my build than on the other OS platforms (Linux and macOS). I downloaded a Windows 64-bit binary distribution of openssl from https://kb.firedaemon.com/support/solutions/ar

An idiosyncratic port of OpenSSL 1.1.1i to OS/400 ILE

2020-12-09 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with OpenSSL).   The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz.   AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1Rqa7JUffkSBQ

Re: Deleted client certificate trust expectations

2020-11-11 Thread Dan Freed
Thanks for the help. This got me on the right track. -Dan From: openssl-users Date: Wednesday, November 11, 2020 at 12:02 PM To: openssl-users@openssl.org Subject: Re: Deleted client certificate trust expectations External Mail. Careful of links / attachments. Submit Helpdesk if unsure. On

Re: Deleted client certificate trust expectations

2020-11-11 Thread Dan Freed
Sorry I realized I didn't include the OpenSSL version I was using. This is with OpenSSL 1.1.1d 10 Sep 2019. -Dan From: openssl-users Date: Wednesday, November 11, 2020 at 10:29 AM To: openssl-users@openssl.org Subject: Deleted client certificate trust expectations External Mail. Caref

Deleted client certificate trust expectations

2020-11-11 Thread Dan Freed
not when CTX_set_verify() is called, but that doesn't seem to be what is happening. Another interesting bit is that the inverse is not true. If I add a cert to the trusted directory, it immediately uses it without having to restart the process. I assume that if I used a certificate revocation list and revoked the client cert this wouldn't be an issue, but why are the directory contents cached? Is this for performance reasons? Thanks Dan Freed

An idiosyncratic port of OpenSSL 1.1.1h to OS/400 ILE

2020-10-01 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with OpenSSL).   The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz.   AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1wx36GNr6TtJX_Z

Re: OpenSSL compliance with Linux distributions

2020-08-07 Thread Dan Kegel
, or something like that. See https://wiki.openssl.org/index.php/Compilation_and_Installation But be careful! You probably want to have the original system .deb files for its openssl in an origopenssl dir so you can reinstall them with 'sudo dpkg -i origopenssl/*.deb' when this breaks.

Re: Software that uses OpenSSL

2020-08-06 Thread Dan Kegel
On Ubuntu, the command apt-cache rdepends libssl1.1 lists 861 packages, belonging to something like 400 projects, that depend on openssl On Thu, Aug 6, 2020 at 11:43 AM Patrick Steuer wrote: > > Anything more precise than "a whole lot" will require some real > research, I suspect. > > Y

Re: win32 build and freeing pointers

2020-07-31 Thread Dan Kegel
Sounds like the pointer is *pointing to* memory containing 0x... i.e. this is a use-after-free error. You might consider building your app with Address Sanitizer enabled, that might find the problem earlier during execution. - Dan On Fri, Jul 31, 2020 at 5:32 AM wrote: > Hi g

Re: error : unknown type name 'sa_family_t' in openssl 1.1.1g

2020-07-24 Thread Dan Fulger
> Btw , even "internal/sockets.h " has " #include". Yes, but after #include . OTOH, netdb.h should #include; can you send a download link for the cross compilation toolkit you are using?

Re: Goodbye

2020-07-04 Thread Dan Kegel
There's nothing wrong with being inclusive. Buildbot was not harmed by removing the word 'slave' from its codebase. - Dan On Sat, Jul 4, 2020 at 12:33 PM Donald R Laster Jr wrote: > Dan, > >The words "slave" and "master" have no negative or pos

Re: Goodbye

2020-07-04 Thread Dan Kegel
It might be worth reminding folks of https://www.openssl.org/community/conduct.html which says "We strive to be an open and inclusive community where anyone can contribute." - Dan On Sat, Jul 4, 2020 at 11:02 AM Donald R Laster Jr wrote: > > Having just noticed the last 4 or

Re: Goodbye

2020-07-04 Thread Dan Kegel
cremental approach is fine, clean up the most offensive word or two first, and then see where things land. And if it can't start immediately, that's ok, it took buildbot a while to come up with the needed consensus and elbow grease. - Dan On Fri, Jul 3, 2020 at 11:10 PM Eliot Lear wrote

Re: freefunc - name clash with Python.h

2020-06-21 Thread Dan Kegel
elf-defense. - Dan

64-bit 1.1.1e fails to build on macOS 10.8

2020-06-13 Thread Dan Heinz
Hello, I updated from 1.1.1d to the latest version 1.1.1g and had a build error on macOS 10.8 for the 64-bit crypto library. I rolled back to 1.1.1e and reproduced the build error. 32-bit is building fine, only 64-bit has the issue. I looked at the commits for 1.1.1e and nothing jumped out at

Re: AW: openssl-1.1.1g cygwin make errors

2020-05-06 Thread Dan Fulger
ucontext.h existed in 2017 in Cygwin, and still exists.   Maybe you have a very old Cygwin (you can update with setup.exe).

RE: FFT algorithm for BIGNUM multiplication

2020-05-01 Thread Dan Fulger
off topic:   "till" is correct and older than "until".   https://www.merriam-webster.com/dictionary/till https://en.wiktionary.org/wiki/till line 786915 in file http://www.gutenberg.org/cache/epub/673/pg673.txt   and all four paper dictionaries I have in my home (two of them do not even mention

An idiosyncratic port of OpenSSL 1.1.1g to OS/400 ILE

2020-04-22 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl). The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1pLDIiMTyJvKsl6

Re: Problems porting Openssl 1.1.1d to zos.

2020-04-15 Thread Dan Fulger
Yes, I encountered the same problem in my OS/400 port of OpenSSL 1.1.1.

Re: An idiosyncratic port of OpenSSL 1.1.1f to OS/400 ILE

2020-04-03 Thread Dan Fulger
The previously sent patch for 1.1.1e works for 1.1.1f as well.

Re: resumption problem

2020-03-30 Thread Dan Fulger
Indeed, CentOS 8.0 has OpenSSL 1.1.1 with very few updates.   But CentOS 8.1 was released in January, with OpenSSL 1.1.1c.  

An idiosyncratic port of OpenSSL 1.1.1e to OS/400 ILE

2020-03-20 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl). The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1XT24UqC5rkPSp

Mysterious hang with openssl and asan on ubuntu 18.04

2020-02-23 Thread Dan Kegel
Hi folks. The project I'm working on exhibits a hang in one test case when dealing with openssl connections, usually on 8 core machines, when built with address sanitizer enabled. This is mature, theoretically well-debugged production code. With help from c-reduce, I minimized the rather complex

RE: Decryption slower in 1.1.1 branch?

2020-01-28 Thread Dan Heinz
Thank you for the information, Victor. >> I upgraded a library that used OpenSSL 1.0.2 to the OpenSSL 1.1.1d. >> On Windows, I have found that the time to decrypt had doubled. After >> a bit of timestamp logging, I found the RSA_private_decrypt function >> is taking twice as long with 1.1.1d as

Decryption slower in 1.1.1 branch?

2020-01-27 Thread Dan Heinz
I upgraded a library that used OpenSSL 1.0.2 to the OpenSSL 1.1.1d. On Windows, I have found that the time to decrypt had doubled. After a bit of timestamp logging, I found the RSA_private_decrypt function is taking twice as long with 1.1.1d as it did with 1.0.2t. This is being called from a W

RE: Linux linking issues moving from 1.0.2t to 1.1.1c

2019-10-08 Thread Dan Heinz
> > > >The no-dso is silently not valid in 1.1.1c. That option didn't work > > > >right, so it was unusable in practice anyway. However, someone recently > > > >fixed that up, unfortunately after the last 1.1.1 release. > > > >The specific patch may be possible to find on github (unless that br

RE: Linux linking issues moving from 1.0.2t to 1.1.1c

2019-10-07 Thread Dan Heinz
>The no-dso is silently not valid in 1.1.1c. That option didn't work right, so >it was unusable in practice anyway. However, someone recently fixed that up, >unfortunately after the last 1.1.1 release. >The specific patch may be possible to find on github (unless that branch has >been deleted)

Linux linking issues moving from 1.0.2t to 1.1.1c

2019-10-07 Thread Dan Heinz
Please bear with me as I am a Windows developer, and not too adept with Linux. Our library has been using the OpenSSL 1.0.2x branch, and we are moving to 1.1.1c. I have the Windows build of our libraries working, and now I've moved to Linux. Our library is built as a shared library as well as s

An idiosyncratic port of OpenSSL 1.1.1d to OS/400 ILE

2019-09-19 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl). The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1DkTMHDvx8asGmK

RE: OPENSSL_init_crypto with OPENSSL_INIT_NO_ATEXIT issue

2019-08-15 Thread Dan Heinz
>The output certainly suggests something is calling TlsAlloc between the call >made for destructor_key.value and the one for private_drbg, and that index is >never freed. You always get 7 when allocating destructor_key.value because >that >index was freed when you unloaded OpenSSL, and so it's t

RE: OPENSSL_init_crypto with OPENSSL_INIT_NO_ATEXIT issue

2019-08-13 Thread Dan Heinz
On 09/08/2019 14:33, Dan Heinz wrote: >> I have a static library using OpenSSL (built as static library with >> the no-pinshared parameter in the configuration) that is then included >> in a DLL that gets loaded and unloaded many times by the calling >> application. 

OPENSSL_init_crypto with OPENSSL_INIT_NO_ATEXIT issue

2019-08-09 Thread Dan Heinz
I have a static library using OpenSSL (built as static library with the no-pinshared parameter in the configuration) that is then included in a DLL that gets loaded and unloaded many times by the calling application. Now that the code is in 1.1.1c to allow me to manually shutdown the OpenSSL li

An idiosyncratic port of OpenSSL 1.1.1c to OS/400 ILE

2019-06-16 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl). The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. AS400patch.tar.gz (large patch for OpenSSL and other files): https://drive.google.com/file/d/1xHk6dMjFW0MDr

An idiosyncratic port of OpenSSL 1.1.1b to OS/400 ILE

2019-04-30 Thread Dan Fulger
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl). The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz. Resending this mail with files on Google Drive: AS400patch.tar.gz (large patch for OpenSSL and oth

[openssl-users] Manual Shutdown of OpenSSL 1.1.x library

2018-10-11 Thread Dan Heinz
Is there currently a way to manually shutdown the OpenSSL library? We have a DLL that statically links OpenSSL. Our DLL gets loaded and unloaded multiple times by a process (not our process), and we need to release OpenSSL each time. This was not possible with OpenSSL 1.1 as of September 201

[openssl-users] Manual Shutdown of OpenSSL 1.1.x library

2018-04-26 Thread Dan Heinz
We have not moved from OpenSSL 1.0.x to OpenSSL 1.1.x as we require the ability to manually shutdown the library. We noticed in the latest release notes the following: "Modify compression code so it frees up structures without using the ex_data callbacks. This works around a problem where some

Re: [openssl-users] Help compiling on HPUX

2017-11-08 Thread Dan Freed
tc if anyone has any suggestions. I'm not sure if the git-hub bug moderators are on this list, so I'll update the bug report there with this new info. -Dan On 11/8/17, 7:33 AM, "openssl-users on behalf of Ludwig, Mark" wrote: > From: Michael Wojcik, Wednesday,

Re: [openssl-users] Help compiling on HPUX

2017-11-08 Thread Dan Freed
optimizations to see if I can get it to compile with the assembly optimizations or not. -Dan On 11/8/17, 7:33 AM, "openssl-users on behalf of Ludwig, Mark" wrote: > From: Michael Wojcik, Wednesday, November 08, 2017 7:03 AM > To: openssl-users@openssl.org > Subj

[openssl-users] Help compiling on HPUX

2017-11-07 Thread Dan Freed
I see that there are a few posts about compiling openssl on HP-UX, so I’m hopeful that someone can help me out. I’m having issues getting things to completely finish the compilation process. There is an issue that some folks on Git-hub helped me resolve that was caused by some incompatibiliti

[openssl-users] Manually shutdown the library

2017-09-25 Thread Dan Heinz
The original issue was discussed here: https://www.mail-archive.com/openssl-users@openssl.org/msg80781.html To summarize: We have a DLL that statically links OpenSSL. Our DLL gets loaded and unloaded multiple times by a process (not our process), and we need to release OpenSSL each time. Thi

Re: [openssl-users] Openssl static build linked in DLL does not unload on win32

2017-01-10 Thread Dan Heinz
>>>> On 04/01/17 23:11, Dan Heinz wrote: Using openssl 1.1.0c. >>>> >>>> I have a test application that is a win32 console app that calls a > >>> win32 DLL which has the openssl libraries linked in statically>. >>>> &g

Re: [openssl-users] Openssl static build linked in DLL does not unload on win32

2017-01-06 Thread Dan Heinz
>>On 04/01/17 23:11, Dan Heinz wrote: >> Using openssl 1.1.0c. >> >> I have a test application that is a win32 console app that calls a >> win32 DLL which has the openssl libraries linked in statically. >> >> The test applications uses late-binding to

[openssl-users] Openssl static build linked in DLL does not unload on win32

2017-01-04 Thread Dan Heinz
Using openssl 1.1.0c. I have a test application that is a win32 console app that calls a win32 DLL which has the openssl libraries linked in statically. The test applications uses late-binding to the DLL and calls LoadLibrary for the DLL, one test function in the DLL, and then FreeLibrary on the

Re: [openssl-users] CONF-less OpenSSL configuration?

2016-11-16 Thread Dan S
internal file structure of iOS app is well defined with API to access the directories without any hacks (I assume you weren't looking to access a directory outside of your app) https://developer.apple.com/library/content/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystem

Re: [openssl-users] Disable/Enable TLS versions for all connections at runtime

2016-11-16 Thread Dan S
I thought there is anything that would stop you from compiling with everything and make choices at run time, (TLSv1_2_method, TLSv1_1_method, TLSv1_method, SSLv23_method etc... just set the right flags and cyphers) On Wed, Nov 16, 2016 at 2:58 PM, craig_we...@trendmicro.com < craig_we...@trendmicr

Re: [openssl-users] Record aggregation with TLS Client

2016-06-24 Thread Dan S
You can look into modifying the window size for transmission (likely devastating your throughput, considering it will have to drop from around usual 64K to about a tenth of the size - mostly notably with the increase of ACKs and header repetition with each packet ... falls too far and it will start

Re: [openssl-users] Unable to run application after Windows updates

2016-06-24 Thread Dan S
less headache static linking to SSLEAY32 and LIBEAY32 :), depending on how many windows versions you want to support, static linking to WS2_32 and CRYP32 may also be useful (though linking all 4 nearly tripled the binary for what we needed to have included), but don't have to worry about what versi

[openssl-users] OpenSSL responder as a CGI

2016-06-17 Thread Dan Mahoney, System Admin
response. The CGI would basically be a wrapper, as well as a tool to regenerate an index.txt if either the inventory or the CRL had changed. This way, threading and the like aren't issues, and error-handling is more easily catchable. Does any of this sound like a particularly awfu

Re: [openssl-users] dtls record layer throughput test

2016-06-14 Thread Tudor-Dan Ambarus
Hi, Matt, all, > > Is there a throughput test for dtls record layer in openssl? > > I want to measure the performance of dtls record layer in openssl. > > > > I've used s_server and s_client to talk over dtls, but seems > > that they are only meant for functional testing. > > Not really. s_time

Re: [openssl-users] Symbol(s) not found _TLSv1_2_method _BIO_test_flags

2016-06-13 Thread Dan S
ssl that came with 10.6 :( So I may just use the renamed files if I can't figure out how to tell the xcode to ignore the system libraries Thank you for helping look into this for me On Mon, Jun 13, 2016 at 1:16 PM, Dan S wrote: > sorry forgot to mention that after linking with all t

Re: [openssl-users] Symbol(s) not found _TLSv1_2_method _BIO_test_flags

2016-06-13 Thread Dan S
sorry forgot to mention that after linking with all the paths set it produces the single error (one from before: Symbol(s) not found _TLS1_2_method referenced from _main in main.o On Mon, Jun 13, 2016 at 1:14 PM, Dan S wrote: > I did this step at a time to see what happens and here are

Re: [openssl-users] Symbol(s) not found _TLSv1_2_method _BIO_test_flags

2016-06-13 Thread Dan S
all the spaces in all the paths before compiling openssl, make had issues installing across paths with spaces) On Sun, Jun 12, 2016 at 2:24 AM, Axel Luttgens wrote: > > Le 9 juin 2016 à 02:29, Dan S a écrit : > > > > Hello, I've compiled openssl.1.0.2h on osx (32bit) and l

Re: [openssl-users] Symbol(s) not found _TLSv1_2_method _BIO_test_flags

2016-06-10 Thread Dan S
16176 .. it seems there is an object maybe missing from when it was linked. Any help or suggestion would be greatly appreciated Thank you in advance On Wed, Jun 8, 2016 at 5:29 PM, Dan S wrote: > Hello, I've compiled openssl.1.0.2h on osx (32bit) and linked statically my > project with

[openssl-users] Symbol(s) not found _TLSv1_2_method _BIO_test_flags

2016-06-08 Thread Dan S
Hello, I've compiled openssl.1.0.2h on osx (32bit) and linked statically my project with libcrypto.a and libssl.a, but I get 2 linking errors with "Symbol(s) not found": _TLSv1_2_method, referenced from ... and _BIO_test_flags, referenced from ... Why would this be happening? ps: (same code works

[openssl-users] dtls record layer throughput test

2016-06-02 Thread Tudor-Dan Ambarus
Hi, Is there a throughput test for dtls record layer in openssl? I want to measure the performance of dtls record layer in openssl. I've used s_server and s_client to talk over dtls, but seems that they are only meant for functional testing. Thanks, ta

[openssl-users] Loading of CA chain into store from mem for verification

2016-04-26 Thread Dan S
Hello, Instead of using SSL_CTX_load_verify_locations with a file, we load the data from dll resource (multiple certs separated by -BEGIN CERTIFICATE- -END CERTIFICATE-): ... if(pdata = (BYTE *)LockResource( hglobal )) { // BYTE *pdata, hglobal is initialized with LoadReso

[openssl-users] Vacation reply

2015-08-18 Thread dan
Starting August 10th, I will be traveling in-and-out of Philadelphia for the next two weeks. During this time my access to e-mail and voicemail will be limited. Thank you, Dan Kohlbek MCSE, MCDBA, PM, BSB

[openssl-users] OpenSSL Linux Client with Microsoft CA

2015-05-05 Thread DAN KOHLBEK
This is a cloud based setup, Linux with OpenSSL 1.0.1g-fips 7 Apr 2014, trying to connect to MS AD, and using a MS CA. Is there a doc someone can point me to on how to configure the client in a MS CA environment? Thank you,Dan

openSSL equivalent of RSA/ECB/PKCS1Padding

2014-11-19 Thread Dan Si Atat
CS1_PADDING" as a padding parameter but when I decrypt the encrypted text in Java I get a BadPadding exception. Thanks, Dan

Re: Actually supporting ipv6 literals in s_client?

2013-03-20 Thread Dan Mahoney, System Admin
On Sun, 10 Mar 2013, Dan Mahoney, System Admin wrote: Hey there, Apparently supporting ipv6 literals... like openssl s_client -connect '[2001:4f8:0:2::d]:443' ..in s_client is oft-asked for but never-implemented, to the point where there are blog articles like this out ther

Actually supporting ipv6 literals in s_client?

2013-03-10 Thread Dan Mahoney, System Admin
g. Can anyone who actually has a commit-bit state why these haven't been added yet? -Dan -- Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site:

non-interactive password for ocsp responder

2012-06-20 Thread Dan B.
How can the ocsp responder be run non-interactively (e.g., run from a script so that the person running the script does not have to type in the OCSP signing key password)? (Yes, I know that that generally isn't secure, but in this case it doesn't need to be. (It's for an example/test setup scrip

Trusted CAs and Root CAs.

2012-02-14 Thread Dan Schmitt
way to load trusted certs into the SSL_CTX* so the handshake and validation will not fail with the 20 error if I have the certificates ahead of time? Dan Schmitt

Adding a trusted CA from a BIO or X509*

2012-02-03 Thread Dan Schmitt
pping an X509* somewhere into the CA list for an SSL_CTX* Dan Schmitt

remove

2010-04-27 Thread Winton, Dan (SA-1)
This communication is intended only for use by the addressee(s) named herein and may contain business confidential and/or legally privileged information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, disclosure or copying o

Re: How to Authenticate a Client

2010-02-11 Thread Dan Zwing
reuse; almost anything else means that the connection failed. Read the manpage for SSL_get_error(3ssl) for the results and their meanings. Good luck. -Kyle H On Wed, Feb 10, 2010 at 12:46 PM, Dan Zwing wrote: > Hello - > > I am writing a client program. I have a x509 certificate and a key

How to Authenticate a Client

2010-02-10 Thread Dan Zwing
SSL_use_certificate or SSL_CTX_use_PrivateKey versus SSL_CTX_use_RSAPrivateKey. I've read the openssl docs but don't understand what functions to use. Thanks Dan

Re: PKCS#12 Problems

2010-02-05 Thread Dan Letkeman
Thanks! FTP was the problem. SCP transferred the file without corrupting it. Dan. On Thu, Feb 4, 2010 at 8:30 PM, Dave Thompson wrote: >> From: owner-openssl-us...@openssl.org On Behalf Of Dan Letkeman >> Sent: Thursday, 04 February, 2010 14:36 > >> So i'm transferri

Re: PKCS#12 Problems

2010-02-04 Thread Dan Letkeman
. So i'm transferring it with FTP, could that be the problem? Any other way to transfer it to a windows machine? Dan. On Thu, Feb 4, 2010 at 11:24 AM, Patrick Patterson wrote: > On February 4, 2010 11:38:36 am Dan Letkeman wrote: >> Ok, when I try to import it into Internet Expl

Re: PKCS#12 Problems

2010-02-04 Thread Dan Letkeman
lorer's CA list. I just combined the certificate and our key on a linux box that has openssl. openssl -pkcs12 -in proxy.pem -inkey proxy.key -export -out proxy.p12 On Thu, Feb 4, 2010 at 9:08 AM, Patrick Patterson wrote: > On February 3, 2010 05:57:36 pm Dan Letkeman wrote: >> Th

Re: PKCS#12 Problems

2010-02-03 Thread Dan Letkeman
The server I'm trying to import it into is an Astaro Firewall. www.astaro.com. I have also just tried to import it into Internet Explorer on Windows XP and I get an error. The Astaro only takes PKCS12 files. Dan. On Wed, Feb 3, 2010 at 1:38 PM, Patrick Patterson wrote: > Pleas

PKCS#12 Problems

2010-02-03 Thread Dan Letkeman
PKCS#12 certificate file: openssl -pkcs12 -in proxy.pem -inkey proxy.key -export -out proxy.p12 This created the .p12 file and everything looks good. The problem is that it doesn't work on anything, not in the server or in any browser. Wha

Re: random crash in getrn function (ssl, crypto).

2009-09-03 Thread Dan Ribe
Got the fix for this ... Following callbacks must be implemented by the developer if CRYPTO library has to be used in the multi-threaded environment. CRYPTO_set_locking_callback() CRYPTO_set_id Cheers ! On Thu, Sep 3, 2009 at 10:20 AM, Dan Ribe wrote: > Hi Everyone, > > I am using g

random crash in getrn function (ssl, crypto).

2009-09-02 Thread Dan Ribe
Hi Everyone, I am using gsoap stub code on Mac & facing below mentioned crash randomly. It seems that crash happens only if some error occurs in tcp_connect & while getting error value. Any pointers on this ? What may be causing this behavior ? Crash stack: Thread 0 Crashed: Dispatch queue: co

Re: Resource temporarily unavailable error with SSL_connect

2009-04-13 Thread Dan Maartens
, I'm fairly certain it has something to do with our multithreading, but if you have any additional suggestion I'd certainly appreciate it. Dan On Fri, Apr 10, 2009 at 5:11 PM, Dave Thompson < dave.thomp...@princetonpayments.com> wrote: > > From: owner-openssl-us...@openss

Re: Resource temporarily unavailable error with SSL_connect

2009-04-10 Thread Dan Maartens
have also tried calling SSL_connect in a loop, just to test to see if waiting/re-calling helps, but it doesn't. The same error occurs each time. That's everything I can think of. Any additional help is certainly appreciated. -Dan On Fri, Apr 10, 2009 at 2:30 PM, David Schwartz wrote:

Resource temporarily unavailable error with SSL_connect

2009-04-09 Thread Dan Maartens
Hello, I'm attempting to establish an SSL connection, where everything seems OK until SSL_connect, which returns -1. error is set to 11, and perror() gives "Resource temporarily unavailable." ERR_error_string rather useless output: error:0002:lib(0):func(0):system lib, even though both SSL_loa

Re: no shared cipher error

2009-01-23 Thread Dan Arcari
Thanks everyone for the help, I think I am getting closer. All of the SSL has been removed from the listener (makes much more sense to me now), and the Init routine has had CRYPTO_malloc_init() and ENGINE_load_builtin_engines() added (it already had the other "basic" routines). When I use my clien

no shared cipher error

2009-01-22 Thread Dan Arcari
wclient->connection, newclient->fd), and finally SSL_accept(newclient->connection). It's on the SSL_accept that I get the error. So I have two questions, does this sound like an otherwise correct procedure for establishing a basic SSL connection? and, what might be causing the shared cipher error? Any help is appreciated. -Dan

no shared cipher error

2009-01-21 Thread Dan Arcari
wclient->connection, newclient->fd), and finally SSL_accept(newclient->connection). It's on the SSL_accept that I get the error. So I have two questions, does this sound like an otherwise correct procedure for establishing a basic SSL connection? and, what might be causing the shared cipher error? Any help is appreciated. -Dan

Re: Reading private key from Memory Buffer.

2008-10-01 Thread Dan Ribe
Thanks guys, Removing the semi colon fixes the problem ! Cheers :) On Thu, Oct 2, 2008 at 3:46 AM, Kelly, Tom <[EMAIL PROTECTED]> wrote: > > > David Schwartz wrote: > >> "09dirkd+sRoXWShF8ctVVb4B1PAFTOBEa8diickehnAyEq6KhzLWpQqhqCnylETw\r\n" >>> "Drys2uVaAzmRhS6tGJ2fdwPnlSLJrQbHuP938Bkyx

Re: Reading private key from Memory Buffer.

2008-10-01 Thread Dan Ribe
= BIO_new_mem_buf(key, keyLength); > >EVP_PKEY *pktmp = NULL; > pktmp = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); > >if (pktmp == NULL) { >char buffer[120]; > >ERR_error_string(ERR_get_error(), buffer); >

Re: Reading private key from Memory Buffer.

2008-10-01 Thread Dan Ribe
Tom, Tried your suggestion, but it is not working ! Any other clues on this ? Thanks much, Dan On Wed, Oct 1, 2008 at 7:04 PM, Kelly, Tom <[EMAIL PROTECTED]> wrote: > > > Dan Ribe wrote: > >> Hi, >> >> I am trying to read the private key from the memory

Reading private key from Memory Buffer.

2008-10-01 Thread Dan Ribe
Hi, I am trying to read the private key from the memory buffer (code snippet below), But PEM_read_bio_PrivateKey() always returns an error : OpenSSL error: error:0906D06C:PEM routines:PEM_read_bio:no start line Can anyone please point out what I am doing wrong here. I am pretty new to OpenSSL, so

Re: How to protect the private key !

2008-09-17 Thread Dan Ribe
I am using the private key just to authenticate the client. Once server has authenticated the client (by using the public key of client), it will give access to that client. So I will say that in this case users of my client application need not to have access to the private key (because this authe

How to protect the private key !

2008-09-15 Thread Dan Ribe
Hi, I have a client/server application, where client authenticate itself by signing a random string (sent by server) using its private key. Whole logic is working fine for me. I am using PEM_read_PrivateKey() function to read the private key from the key file which is stored on the disk. As per t

Reading private key from the file.

2008-08-29 Thread Dan Ribe
Hello Everyone, I am new to RSA/SHA1 & need some help from your side ! We have a client application on windows & I am in process to port that on Mac. I am facing some problems with the RSA/SHA1 authentication on Mac. Windows logic: On windows side we have a client key file "cspkb.dat" which we a

pkey?

2008-06-18 Thread Dan Lavu
tion on this command when it doesn't exist? http://www.openssl.org/docs/apps/pkey.html Thanks for your time. Dan

Re: SSL_connect failing with error -1

2008-04-11 Thread Dan Ribe
Thanks. It worked. Now i am able to communicate with the server using https. I have done changes like : from: #define SOAP_SSL_DEFAULT (SOAP_SSL_REQUIRE_SERVER_AUTHENTICATION | SOAP_SSLv3_TLSv1) to: #define SOAP_SSL_DEFAULT SOAP_SSL_NO_AUTHENTICATION in stdsoap2.h. Once we have the pro

Re: SSL_connect failing with error -1

2008-04-11 Thread Dan Ribe
Thanks for the response. this was useful. Now I got the readable message as : *** error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed I have checked this & server certificate is expired. As this is an internal server for us, so as of now i want to ignore this error &

Re: SSL_connect failing with error -1

2008-04-10 Thread Dan Ribe
Thanks for the reply. I really appreciate it ! I have tried initializing the library, but still facing same problem. - Is there anyway to decode the error string "error:0001::lib(0) :func(0) :reason(1)", to find out what is actually going wrong ? means what does reason(1) stands here for ? - Is

SSL_connect failing with error -1

2008-04-10 Thread Dan Ribe
Hello, I am facing some problem when trying to use a https service. SSL_connect() is failing with error -1 (in stub code ...generated using gsoap ... code snippet below), which means some fatal error occured at the protocol level or connection failure occured. Further getting the SSL error code (

FIPS 1.1.2/1.2 validation progress

2008-01-28 Thread Dan Mathews
Does anyone have an update on how FIPS 1.1.2 and/or 1.2 are progressing? Are there any guesstimates on when either might be officially "blessed"? Dan Mathews Software Developer Configuresoft, Inc.

RE: static linking against the openssl toolkit

2007-11-05 Thread Dan Clusin
ting or copying any information contained in this email to anyone other than the intended recipient is strictly prohibited. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gisle Vanem Sent: Monday, November 05, 2007 12:14 PM To: openssl-users@openssl.org Sub
