openssl library you ran openssl
> fipsinstall? i.e. you're not just using a previously generated
> fipsmodule.cnf file? The above errors initially seem like self
> tests failed on the fips provider load, suggesting that the
> module-mac or instal
viders/fips/fipsprov.c:707:* /
>> >
>> > >/*80D1CD65667F:error:078C0105:common libcrypto /
>> >
>> > >/routines:provider_init:init /
>> >
>> > >/fail:../openssl-3.0.9/crypto/provider_core.c:932:name=fips* /
>> >
gt; >
> >
> >
> > On Fri, May 24, 2024 at 6:55 PM Neil Horman > <mailto:nhor...@openssl.org>> wrote:
> >
> > I assume that, after building the openssl library you ran openssl
> > fipsinstall? i.e. you're not just using a previo
e.cnf file? The above errors initially seem like self
tests failed on the fips provider load, suggesting that the
module-mac or install-mac is incorrect in your config
'Neil
On Fri, May 24, 2024 at 2:05 AM murugesh pitchaiah
mailto:murugesh.pitcha...@gmail.com>&
or
> install-mac is incorrect in your config
> 'Neil
>
> On Fri, May 24, 2024 at 2:05 AM murugesh pitchaiah <
> murugesh.pitcha...@gmail.com> wrote:
>
>> Hi,
>>
>> Need your help on using openssl fips provider programmatically with
>> open
ct in your config
'Neil
On Fri, May 24, 2024 at 2:05 AM murugesh pitchaiah <
murugesh.pitcha...@gmail.com> wrote:
> Hi,
>
> Need your help on using openssl fips provider programmatically with
> openssl 3.0.9.
>
> Error seen:
>
> *80D1CD65667F:error:1C8000D4:
Hi,
Need your help on using openssl fips provider programmatically with openssl
3.0.9.
Error seen:
*80D1CD65667F:error:1C8000D4:Provider routines:SELF_TEST_post:invalid
state:../openssl-3.0.9/providers/fips/self_test.c:262:*
*80D1CD65667F:error:1C8000D8:Provider
On 17/10/2022 13:10, Ashok Kumar Sarode via openssl-users wrote:
NOTE: I have re-named file openssl\*configuration.h.in* to
openssl\*configuration.h*
Likewise i re-named err.h, ssl.h, opensslv.h, crypto.h
Don't do that. That is almost certainly the cause of these errors. The
".h.in" file
Hello OpenSSL users,
I need help on following errors which I am getting from myWindows machine
building on Visual Studio 2019,
Version 16.11.17.
Build started...1>-- Build started: Project: executeHelloWorld,
Configuration: Debug Win32
--1>VerifyJWTSignUsingRSA.cpp1>C:\Us
xtra option: "subjectKeyIdentifier=hash"
req: Use -help for summary.
and this will be available with OpenSSL 3.1.
BTW, if you want a validity period of exactly 100 years, you need to take into
account 24 leap days/years,
so better use "-days 36524" than "-days 36500".
d setting valid values for
p q and g using DH_set0_pqg().
BIGNUM *a = BN_bin2bn(p, p_len, NULL);
BIGNUM *b = BN_bin2bn(g, g_len, NULL);
DH_set0_pqg(dh, a, NULL, b);
But this did not help, as this set function does not change q value if NULL is
passed.
We don't have idea about what can be a v
y(SignApk.java:272)
> at com.android.signapk.SignApk.main(SignApk.java:1210)
>
>
> My ubuntu version is 20.04.4 LTS
>
> openjdk version is 11.0.15 2022-04-19
>
> openssl version is 1.1.1r-dev built on Mon Aug 22 11:19:51 2022 UTC
>
>
> Any help is welcome.
>
is 1.1.1r-dev built on Mon Aug 22 11:19:51 2022 UTC
Any help is welcome.
**
努比亚技术有限公司 基础框架团队 李周华
联系电话:18706866323
地址:西安市高新唐延南路10号中兴产业园A座101
Email:0016003...@nubia.com
**
NOTES-* files. You may also have to
> look over your available compiler tool chain or change your configuration.
>
> target already defined - macosx-cross-x86_64 (offending arg:
> darwin64-x86_64-cc)
>
Now, my question is I want to build the OpenSSL using the targets defined
in my &qu
On Mon, May 09, 2022 at 06:00:14AM +, Srinivas, Saketh (c) wrote:
> I need to set the current_issuer field in an object of the
> X509_STORE_CTX structure. Can any suggest the setter function for
> this.
You almost certainly don't *need* to do this. What is the actual
high-level task you're t
HI,
i need to set the current_issuer field in an object of the X509_STORE_CTX
structure. Can any suggest the setter function for this.
Also, current_crl_score and current_reasons also are needed to be 0 for me. Can
you suggest setters for these variables.
Thanks,
Saketh.
Notice: This e-mail t
HI,
i need to set the current_issuer field in an object of the X509_STORE_CTX
structure. Can any suggest the setter function for this. current_crl_score and
current_reasons also are needed to be 0 for me. Can you suggest setters for
these variables.
Thanks,
Saketh.
Notice: This e-mail togeth
i am using openssl 3.0
From: openssl-users on behalf of Matt
Caswell
Sent: Tuesday, February 15, 2022 6:45 PM
To: openssl-users@openssl.org
Subject: [EXTERNAL] Re: need some help with the block size value
On 15/02/2022 12:13, Srinivas, Saketh (c) wrote:
>
On 15/02/2022 12:13, Srinivas, Saketh (c) wrote:
Hi,
i am trying to get the block size of EVP_des_ede3_cbc cipher using the
below function but it's not returning anything.
EVP_CIPHER_get_block_size(EVP_des_ede3_cbc())
This code looks fine to me, and I just tested this and it returned th
Hi,
i am trying to get the block size of EVP_des_ede3_cbc cipher using the below
function but it's not returning anything.
EVP_CIPHER_get_block_size(EVP_des_ede3_cbc())
Does anyone have any idea how to.
thanks,
Saketh.
Notice: This e-mail together with any attachments may contain information
Hi,
i am trying to modify a function which earlier used openss1 to compute shared
key the aruguments to the function are:
rc_vchar_t *pub , rc_vchar_t *priv ; '// public and private keys.
if (eay_v2bn(&dh->pub_key, pub) < 0)
goto end;
if (eay_v2bn(&dh->priv_key, priv) < 0)
alert" .
I think some issue with closing TLS connection in openssl3.
Can someone help me understand why?
thanks,
Saketh.
Notice: This e-mail together with any attachments may contain
information of Ribbon Communications Inc. and its Affiliates that is
confidential and/or proprietary for the s
think some issue with closing TLS connection in openssl3.
Can someone help me understand why?
thanks,
Saketh.
Notice: This e-mail together with any attachments may contain information of
Ribbon Communications Inc. and its Affiliates that is confidential and/or
proprietary for the sole use of th
ign docs for FIPS 3.0 module would be great help.
Thanking you in anticipation,
Sanjeev Kumar Mishra
/docs/manmaster/man7/OSSL_PROVIDER-FIPS.html<https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-FIPS.html>
NAME. OSSL_PROVIDER-FIPS - OpenSSL FIPS provider. DESCRIPTION. The OpenSSL F
ror: #error OpenSSL 1.0.1 or greater is
>required
>To satisfy this condition, I downloaded openssl-1.1.1l. I do not know how to
> configure/make this software to create the 5 sets of SSL libraries required by
> SSH to make for my 5 targets.
Have you read the README and INSTALL files
I am trying to cross-compile the SSL software on VMware running the following:
Linux Debian 3.16.0-4-686-pae #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19)
i686 GNU/Linux
I need to cross-compile the SSL software for the following targets running two
versions of the QNX Operating System:
nown-nto-qnx6.5.0/4.4.2/cc1
error 1
make[1]: *** [openssl-compat.o] Error 1
make[1]: Leaving directory `/home/williams/ssh/qnx650-ppcbespe/openbsd-compat'
make: *** [openbsd-compat/libopenbsd-compat.a] Error 2
In response, I downloaded OPENSSL Version 1.1.1l. I have no idea how to
configure
.html
Matt
Please let me know the Openssl 3.0 API's for the same.
Thanks and Regards,
Sunil
-Original Message-
From: Matt Caswell
Sent: Monday, October 25, 2021 3:03 PM
To: Paramashivaiah, Sunil ;
openssl-users@openssl.org
Cc: Kumar Mishra, Sanjeev
Subject: Re: [EXTERNAL]
Hi Matt,
Thanks for the help. I need get SSL members (ssl->session , ssl->ctx
, ssl->references) and set SSL member (ssl->tlsext_ocsp_resp).
Please let me know the Openssl 3.0 API's for the same.
Thanks and Regards,
Sunil
-Original Message-
F
{
ecGrpId = EC_GROUP_get_curve_name(evpKey->pkey.ec->group);
/* some code follows*/
Thanks and Regards,
Sunil
-Original Message-
From: Matt Caswell
Sent: Monday, October 25, 2021 2:23 PM
To: Paramashivaiah, Sunil ;
openssl-user
penssl.org
Subject: [EXTERNAL] Re: Need Help for Code Changes to Upgrade from OpenSSL
1.0.2 to 3.0
On 25/10/2021 05:45, Paramashivaiah, Sunil wrote:
> Hi All,
>
> I need get APIs for accessing the members of EVP_PKEY.
> Please suggest APIs to get following members of EVP_P
On 25/10/2021 05:45, Paramashivaiah, Sunil wrote:
Hi All,
I need get APIs for accessing the members of EVP_PKEY. Please
suggest APIs to get following members of EVP_PKEY
evpkey->type , evpkey->pkey.rsa , pubKey->pkey.ec->group.
EVP_PKEY_get_id() will get you the `evpkey->type`
Hi All,
I need get APIs for accessing the members of EVP_PKEY. Please suggest
APIs to get following members of EVP_PKEY
evpkey->type , evpkey->pkey.rsa , pubKey->pkey.ec->group.
Thanks and Regards,
Sunil
Notice: This e-mail together with any attachments may contain information of
Ribb
From: openssl-users On Behalf Of
Paramashivaiah, Sunil
Sent: Thursday, October 21, 2021 2:49 AM
To: openssl-users@openssl.org
Subject: Need Help for Code Changes to Upgrade from OpenSSL 1.0.2 to 3.0
Hi All,
Please let me know how I can replace the below 1.0.2 code to 3.0
SSL_
On 21/10/2021 09:48, Paramashivaiah, Sunil wrote:
Hi All,
Please let me know how I can replace the below 1.0.2 code to 3.0
* SSL_SESSION data;*
* SSL_SESSION *ret=NULL;*
**
* data.ssl_version = sessVersion;*
* data.session_id_length= sessIdLen;*
**
* memcpy(dat
Hi All,
Please let me know how I can replace the below 1.0.2 code to 3.0
SSL_SESSION data;
SSL_SESSION *ret=NULL;
data.ssl_version = sessVersion;
data.session_id_length= sessIdLen;
memcpy(data.session_id, sessId, sessIdLen);
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
On 20/10/2021 11:41, Paramashivaiah, Sunil wrote:
Hi All,
Please let me know APIs to get members(ssl_version, session_id,
references and session_id_length) of SSL_SESSION structure variable.
For ssl_version you can use SSL_SESSION_get_protocol_version.
For session_id/session_id_le
On 20/10/2021 10:57, Kumar Mishra, Sanjeev wrote:
Hi,
I am upgrading the code from OpenSSL 1.0.1 to 3.0. I am getting
following compilation errors. Could you please suggest appropriate
changes for following-
1. X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); error:
'X509er
Hi All,
Please let me know APIs to get members(ssl_version, session_id,
references and session_id_length) of SSL_SESSION structure variable.
Thanks and Regards,
Sunil
Notice: This e-mail together with any attachments may contain information of
Ribbon Communications Inc. and its Affiliate
Hi,
I am upgrading the code from OpenSSL 1.0.1 to 3.0. I am getting following
compilation errors. Could you please suggest appropriate changes for following-
1. X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); error:
'X509err' was not declared in this scope
2. RSA *rsa = RSA_n
Hi,
We encrypt data using openSSL C++ API, decrypt data using java(default
security package).
99.9% of the time, it works fine, but when multi-instances of apps encrypt
data at same time, java fails to decrypt .
We are using version 1.1.01 (AES/CBC/PKCS5Padding)
mpCtx = EVP_CIPHER_CTX_new();
EV
> From: openssl-users On Behalf Of Jakob
> Bohm via openssl-users
> Sent: Monday, 23 August, 2021 04:40
>
> On 21/08/2021 19:42, Michael Wojcik wrote:
> >> From: rgor...@centerprism.com
> >> Sent: Saturday, 21 August, 2021 11:26
> >>
> >> My openssl.cnf (I have tried `\` and `\\` and `/` director
On 21/08/2021 19:42, Michael Wojcik wrote:
From: rgor...@centerprism.com
Sent: Saturday, 21 August, 2021 11:26
My openssl.cnf (I have tried `\` and `\\` and `/` directory separators):
Use forward slashes. Backslashes should work on Windows, but forward slashes work
everywhere. I don't know th
Am 21.08.21 um 19:53 schrieb rgor...@centerprism.com:
I am fine on the command line. I just need a little help with openssl. Do you
have any ideas on setting the hostname with openssl.cnf?
If it would be bash on Linux, scripting this not a challenge. About Windows: No
idea, sorry.
Subject: Re: Need some help signing a certificate request
Hi rgor...@centerprism.com,
the substitution for your CA did not work: 'Subject: CN = $(hostname), O =
server'.
My recommendation, if you are not familiar with openssl and the command line
would be, use XCA, there is a Windo
I am fine on the command line. I just need a little help with openssl. Do you
have any ideas on setting the hostname with openssl.cnf?
-Original Message-
From: openssl-users On Behalf Of Keine Eile
Sent: Saturday, August 21, 2021 1:46 PM
To: openssl-users@openssl.org
Subject: Re: Need
It was the index.txt like you said. Thank you.
-Original Message-
From: openssl-users On Behalf Of Michael
Wojcik
Sent: Saturday, August 21, 2021 1:43 PM
To: openssl-users@openssl.org
Subject: RE: Need some help signing a certificate request
> From: rgor...@centerprism.com
>
qgX3nPU80vK/Q
SrRacEUzOrinThIZ4Wvv0Mjlg7BLbIdOFJkVerYzZKN8kg4V1N3HNR13iP5EuJuv
-END CERTIFICATE REQUEST-
-Original Message-
From: openssl-users On Behalf Of Michael
Wojcik
Sent: Saturday, August 21, 2021 1:22 PM
To: openssl-users@openssl.org
Subject: RE: Need some help signing a certificate request
> From: rgor...@centerprism.com
> Sent: Saturday, 21 August, 2021 11:26
>
> My openssl.cnf (I have tried `\` and `\\` and `/` directory separators):
Use forward slashes. Backslashes should work on Windows, but forward slashes
work everywhere. I don't know that "\\" will work anywhere.
> [ ca
SrRacEUzOrinThIZ4Wvv0Mjlg7BLbIdOFJkVerYzZKN8kg4V1N3HNR13iP5EuJuv
-END CERTIFICATE REQUEST-
-Original Message-
From: openssl-users On Behalf Of Michael
Wojcik
Sent: Saturday, August 21, 2021 1:22 PM
To: openssl-users@openssl.org
Subject: RE: Need some help signing a certificate request
> From: openssl-users On Behalf Of
>
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = 1.3.6.1.5.5.7.3.1
-Original Message-
From: openssl-users On Behalf Of Michael
Wojcik
Sent: Saturday, August 21, 2021 1:22 PM
To: openssl-users@openssl.org
Subject: RE: Need some help signing a certificate request
> F
ceptions are mostly the cmd.exe built-ins.
> On Sat, Aug 21, 2021 at 09:21 <mailto:rgor...@centerprism.com> wrote
> When I type ‘openssl ca -config .\openssl.cnf -in ../server/req.pem -out
We need to see the contents of openssl.cnf. It might also help to have the CSR
(req.pem). Since a
Thanks for the comment. I have tried both `/` and `\` with no change.
From: openssl-users On Behalf Of Tom Browder
Sent: Saturday, August 21, 2021 11:41 AM
Cc: openssl-users@openssl.org
Subject: Re: Need some help signing a certificate request
On Sat, Aug 21, 2021 at 09:21 mailto:rgor
On Sat, Aug 21, 2021 at 09:21 wrote
...
> When I type ‘openssl ca -config .\openssl.cnf -in ../server/req.pem -out
>
I don't do wndows, but your directory separators are not consistent--not
sure of the effect.
-Tom
ng out. No 'server_certificate.pem' anywhere I can find.
Any help diagnosing this will be appreciated.
On 8/17/2021 9:47 PM, Sands, Daniel via openssl-users wrote:
The dump you show below is:
Attributes (set, tagged with a 0, optional)
Version
privateKeyAlgorithm
privateKey
This is a PKCS#8 packet for a key. The encapsulated data is the RSA public key
in PKCS1 format. I know OpenSSL has built-
> My latest attempt to code the below DER is this. It compiles, but the d2i
> segfaults on apparently the second element.
>
> Anything obviously wrong?
>
> typedef struct {
> ASN1_INTEGER *version;
> ASN1_INTEGER *serialNumber;
> X509_ALGOR *signature;
> X509_PUBKEY *key;
>
My latest attempt to code the below DER is this. It compiles, but the d2i
segfaults on
apparently the second element.
Anything obviously wrong?
typedef struct {
ASN1_INTEGER *version;
ASN1_INTEGER *serialNumber;
X509_ALGOR *signature;
X509_PUBKEY *key;
} TPM_ADDTOCERT;
ASN1_S
On 8/17/2021 12:57 PM, Sands, Daniel via openssl-users wrote:
Now I would like to do the other end, where I have der and I want to
parse back to the structure, using d2i()
1 - Is there a tutorial on this?
Seems like you don't need one. If you got i2d working you should have d2i
already!
I
Locking in OpenSSL 1.1.1 and later is completely different. You no
longer need to and should not try to register the locking callbacks.
Pauli
On 17/8/21 11:59 pm, Kumar Mishra, Sanjeev wrote:
Hi All,
I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0.
I am getting compilation errors f
> >> Now I would like to do the other end, where I have der and I want to
> >> parse back to the structure, using d2i()
> >>
> >> 1 - Is there a tutorial on this?
> >
> > Seems like you don't need one. If you got i2d working you should have d2i
> already!
> >
>
> I wasn't clear. The input and out
On 8/17/2021 10:38 AM, Matt Caswell wrote:
On 16/08/2021 21:56, Ken Goldman wrote:
I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate.
For the input side, a poster showed me
ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then
DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS
On 16/08/2021 21:56, Ken Goldman wrote:
I am trying to parse some ASN.1 DER so I can add it to an X.509
certificate.
For the input side, a poster showed me
ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then
DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS
which created the i2d() function.
It sho
Hi All,
I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0.
I am getting compilation errors for deprecated functions and macros like
"CRYPTO_num_locks()" , "CRYPTO_LOCK" ..etc. But there is not any
replacement for these functions and macros in OpenSSL 3.0.
How can I handle these compil
I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate.
For the input side, a poster showed me
ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then
DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS
which created the i2d() function.
Now I would like to do the other end, where I have d
-protection
> > > -fcf-protection -Wa,--noexecstack
> > > -Wa,--generate-missing-build-notes=yes
> > > -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
> > -DOPENSSL_USE_NODELETE
> > > -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
> > -DOPENSSL_IA32_SSE2
> > > -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
> > -DOPENSSL_BN_ASM_GF2m
> > > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM
> > -DRC4_ASM
> > > -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM
> > -DECP_NISTZ256_ASM
> > > -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY
> > > -DDEVRANDOM="\"/dev/urandom\""
> > >
> > -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-
> > ends/openssl.config"
> > >
> > > OPENSSLDIR: "/etc/pki/tls"
> > >
> > > ENGINESDIR: "/usr/lib64/engines-1.1"
> > >
> > > Seeding source: os-specific
> > >
> > > engines:rdrand dynamic
> > >
> > >
> > > Really appriciate your time and help, thanks in advance.
> > >
> > > Thanks,
> > > Vinod
> > >
> >
>
-DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
>
> OPENSSLDIR: "/etc/pki/tls"
>
> ENGINESDIR: "/usr/lib64/engines-1.1"
>
> Seeding source: os-specific
>
> engines:rdrand dynamic
>
>
> Really appriciate your time and help, thanks in advance.
>
> Thanks,
> Vinod
>
; -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM
> > -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
> > -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY
> > -DDEVRANDOM="\"/dev/urandom\""
> > -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
> >
> > OPENSSLDIR: "/etc/pki/tls"
> >
> > ENGINESDIR: "/usr/lib64/engines-1.1"
> >
> > Seeding source: os-specific
> >
> > engines:rdrand dynamic
> >
> >
> > Really appriciate your time and help, thanks in advance.
> >
> > Thanks,
> > Vinod
> >
>
o-policies/back-ends/openssl.config"
OPENSSLDIR: "/etc/pki/tls"
ENGINESDIR: "/usr/lib64/engines-1.1"
Seeding source: os-specific
engines:rdrand dynamic
Really appriciate your time and help, thanks in advance.
Thanks,
Vinod
K1600_ASM -DRC4_ASM -DMD5_ASM
> -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM
> -DPOLY1305_ASM -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\""
> -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
>
> OPENSSLDIR: "/etc/pki/tls"
>
> ENGINESDIR: "/usr/lib64/engines-1.1"
>
> Seeding source: os-specific
>
> engines: rdrand dynamic
>
> Really appriciate your time and help, thanks in advance.
>
> Thanks,
> Vinod
>
ce: os-specific
engines: rdrand dynamic
Really appriciate your time and help, thanks in advance.
Thanks,
Vinod
On Fri, Apr 16, 2021 at 04:27:23PM +, Richard Simard wrote:
> root@PKI:/# /usr/bin/openssl ca
> -selfsign
^
> -config /etc/root-ca.conf
> -in /ca/network-ca/csr/network-ca.csr
> -out /ca/network-ca/crt/network-ca.crt
> -extensions intermediate_ca_ext
> -startdate 202101
: 16 avril 2021 12:27
À : openssl-users@openssl.org
Objet : Help request
When I try to sign a certificate, I get this message and yet the certificate
and the key match Someone can help me?
Tank You!
Richard Simard
root@PKI:/# /usr/bin/openssl ca -selfsign -config /etc/root-ca.conf -in
/ca/ne
When I try to sign a certificate, I get this message and yet the certificate
and the key match
Someone can help me?
Tank You!
Richard Simard
root@PKI:/# /usr/bin/openssl ca -selfsign -config /etc/root-ca.conf -in
/ca/network-ca/csr/network-ca.csr -out /ca/network-ca/crt/network-ca.crt
L_1.0.2_to_OpenSSL_1.1.1_guide
>>
>>
>>
>> -Tom
>>
>>
>>
>> *From:* openssl-users *On Behalf Of *
>> Fabio
>> *Sent:* Tuesday, April 13, 2021 12:59 AM
>> *To:* openssl-users@openssl.org
>> *Subject:* Re: Help with i2d_CMS
gt; *Sent:* Tuesday, April 13, 2021 12:59 AM
> *To:* openssl-users@openssl.org
> *Subject:* Re: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL
> 1.1.1j
>
>
>
> Hi,
>
> no one have some hints?
>
>
>
> Il giorno gio 8 apr 2021 alle ore 10:53 Fabio ha
> scritto
Hello,
Are there any clues for you here?
https://wiki.tizen.org/Security/Tizen_5.X_Migration_from_OpenSSL_1.0.2_to_OpenSSL_1.1.1_guide
-Tom
From: openssl-users On Behalf Of Fabio
Sent: Tuesday, April 13, 2021 12:59 AM
To: openssl-users@openssl.org
Subject: Re: Help with i2d_CMS_bio_stream
Hi,
no one have some hints?
Il giorno gio 8 apr 2021 alle ore 10:53 Fabio ha scritto:
> Hi all,
> I have a problem upgrading my code from openssl 1.0 to the last 1.1.1j.
> Using an older version, I exported the CMS code in order to extend and
> modify some calculations. I used i2d_CMS_bio_stream
Hi all,
I have a problem upgrading my code from openssl 1.0 to the last 1.1.1j.
Using an older version, I exported the CMS code in order to extend and
modify some calculations. I used i2d_CMS_bio_stream to convert the struct
to DER.
Using OpenSSL 1.1.1j i had to change all the DECLARE_STACK_OF in
Hi Craig,
On Wed, Dec 09, 2020 at 08:35:46PM +0900, Craig Henry wrote:
> Hi,
>
> This is my first post to this list so please be kind!
>
> Environment - Linux Centos
> SSL - 1.0.2k19-el7
>
> Connection - CURL (via PHP) with public / private key auth + http basic auth
>
> We're having an issue
On 09/12/2020 11:35, Craig Henry wrote:
> Hi,
>
> This is my first post to this list so please be kind!
>
> Environment - Linux Centos
> SSL - 1.0.2k19-el7
>
> Connection - CURL (via PHP) with public / private key auth + http basic auth
>
> We're having an issue where we are seeing intermitt
Hi,
curl on RHEL-7 and Centos 7 uses NSS and not OpenSSL as the TLS
backend. So this is unfortunately a wrong mailing list to ask.
Tomas Mraz
On Wed, 2020-12-09 at 20:35 +0900, Craig Henry wrote:
> Hi,
>
> This is my first post to this list so please be kind!
>
> Environment - Linux Centos
>
Hi,
This is my first post to this list so please be kind!
Environment - Linux Centos
SSL - 1.0.2k19-el7
Connection - CURL (via PHP) with public / private key auth + http basic auth
We're having an issue where we are seeing intermittent behavior connecting
to a 3rd party of the key being rejecte
Hello,
Could anyone help me to compile the openssl static libraries under ARMV4i
compiler.
I have tried and spent long time, still getting error message.
Winsock2.h error servent:struct type redefinition. Return code 0x2.
Thanks
Geetha
Hi,
I am trying to do a walkthrough of verifying a certificate signing.
1) I have pulled the signature as follows:
openssl asn1parse -in cert.pem -out cert.sig -noout -strparse 638
The offset of 638 is because asn1parse of the cert.pem file produces:
625:d=2 hl=2 l= 9 prim: OBJECT
Hi All,
I am seeking help on generating FIPS compliance OpenSSL libs for Android Native
Application.
I am trying to build openssl-1.0.2t with the FIPS module openssl-fips-2.0.16 to
support 64-bit android devices, I have tried following the steps on the Openssl
wiki <https://wiki.openssl.
On 23/07/2020 23:06, John Baldwin wrote:
> On 6/10/20 3:48 PM, John Baldwin wrote:
>> On 6/8/20 4:12 AM, Kurt Roeckx wrote:
>>> On Thu, Jun 04, 2020 at 09:00:08AM -0700, John Baldwin wrote:
At the moment there are 3 open PRs related to Kernel TLS offload
support that I'm aware of:
On 6/10/20 3:48 PM, John Baldwin wrote:
> On 6/8/20 4:12 AM, Kurt Roeckx wrote:
>> On Thu, Jun 04, 2020 at 09:00:08AM -0700, John Baldwin wrote:
>>> At the moment there are 3 open PRs related to Kernel TLS offload
>>> support that I'm aware of:
>>>
>>> - 11589 adds TLS1.3 for Linux, has one approva
On 6/8/20 4:12 AM, Kurt Roeckx wrote:
> On Thu, Jun 04, 2020 at 09:00:08AM -0700, John Baldwin wrote:
>> At the moment there are 3 open PRs related to Kernel TLS offload
>> support that I'm aware of:
>>
>> - 11589 adds TLS1.3 for Linux, has one approval from Matt Caswell
>> - 10626 adds TLS1.3 for
On Thu, Jun 04, 2020 at 09:00:08AM -0700, John Baldwin wrote:
> At the moment there are 3 open PRs related to Kernel TLS offload
> support that I'm aware of:
>
> - 11589 adds TLS1.3 for Linux, has one approval from Matt Caswell
> - 10626 adds TLS1.3 for FreeBSD, from which 11589 is derived, but wi
hink it is probably prudent for it to be merged
first at for me to then rebase the other two PRs on top of that
and resolve conflicts, etc.
Is there anything I can do to help with getting 11589 merged? I'm
not an OpenSSL committer, so I can't formally add the second
approval it needs.
existing project to build the
executable.
What are the relevant files of the source code shall I use ?
Thanks. Appreciate your help.
[RF IDeas]<http://www.rfideas.com/>
Deep Patel
Embedded Software Engineer
D:
224-333-2084
P:
847-870-1723 Ext 437
E:
ddpa...@rfideas.com<mailto:ddpa...@rf
supporting my target
environment/hardware ?
Thanks. Appreciate your help.
[RF IDeas]<http://www.rfideas.com/>
Deep Patel
Embedded Software Engineer
D:
224-333-2084
P:
847-870-1723 Ext 437
E:
ddpa...@rfideas.com<mailto:ddpa...@rfideas.com>
A:
4020 Winnetka Ave., Rolling Mea
MECapability.3 = SEQWRAP, OID:aes-256-ecb
> SMIMECapability.4 = SEQWRAP, OID:aes-256-cbc
> SMIMECapability.5 = SEQWRAP, OID:aes-256-ofb
> SMIMECapability.6 = SEQWRAP, OID:aes-128-ecb
> SMIMECapability.7 = SEQWRAP,
= 1.3.6.1.4.1.51063.0.1.0
GroupeSTIDevice = 1.3.6.1.4.1.51063.0.1.1
GroupeSTIAssuranceEV= 1.3.6.1.4.1.51063.0.1.2
De : openssl-users De la part de Libor
Chocholaty
Envoyé : 6 avril 2020 16:42
À : openssl-users@openssl.org
Objet : Re: Help with certificatePol
Hi,
could you share commands that led to this error?
It looks to me referenced non existent section in config file like as
param "-extensions" option.
Regards,
Libor
On 2020-04-06 19:43, Richard Simard wrote:
> Hi!
>
> Anybody can help me whit this error?
>
>
Hi!
Anybody can help me whit this error?
Error Loading extension section server_cert
140091048477824:error:0E06D06C:configuration file routines:NCONF_get_string:no
value:../crypto/conf/conf_lib.c:273:group=CA_default name=email_in_dn
140091048477824:error:0E06D06C:configuration file
s.
Thanks for your help,
Jason
rGuide-2.0.pdf,Appendix
C Example OpenSSL Based Application,C1, which creates one Makefile and one c
source code file. when run make command, it always use ld to do the link, not
the fipsld, but when I run command like :
make CC=/path/to/fipsld
it seems ran into loop, so, I need your help abo
CC=/path/to/fipsld
> it seems ran into loop, so, I need your help about what to fix to make
> the example works.
>
>
>
>
>
>
1 - 100 of 1801 matches
Mail list logo
