RE: Open SSL 1.1.1 and Vxworks 5.4.2 - Query on Entropy source

Users, An update here: See that we have OPENSSL_RAND_SEED_OS defined on our VxWorks based system. Would it be a trusted entropy source ? The default for VxWorks seems to be OPENSSL_RAND_SEED_NONE. Thanks, Prithvi From: Prithvi Raj R (Nokia) Sent: Tuesday, April 30, 2024 12:47 AM To: openssl-us

Re: Open SSL version with FIPS Certified code and TLS 1.2 Support

On Tue, Jul 22, 2014 at 11:50 PM, Arun Kumar wrote: > Hi, > > We need OpenSSL which supports TLS 1.2 (RFC 5246). > Please let me know which version We can use? > Currently we are using OpenSSL-FIPS-1.2, We need FIPS version. Check the CHANGE LOG at http://www.openssl.org/news/changelog.html. Searc

RE: Open SSL version with FIPS Certified code and TLS 1.2 Support

esday, July 22, 2014 8:50 PM To: openssl-users@openssl.org; openssl-annou...@openssl.org; openssl-...@openssl.org Subject: Re: Open SSL version with FIPS Certified code and TLS 1.2 Support Hi, We need OpenSSL which supports TLS 1.2 (RFC 5246). Please let me know which version We can use? Currently w

Re: Open SSL version with FIPS Certified code and TLS 1.2 Support

Hi, We need OpenSSL which supports TLS 1.2 (RFC 5246). Please let me know which version We can use? Currently we are using OpenSSL-FIPS-1.2, We need FIPS version. On Tue, Jul 22, 2014 at 10:42 PM, Arun Kumar wrote: > Hi, > > We are currently using below version: > > openssl-fips-1.2.tar.gz >

Re: Open SSL version with FIPS Certified code and TLS 1.2 Support

On 07/22/2014 01:12 PM, Arun Kumar wrote: > Hi, > > We are currently using below version: > > openssl-fips-1.2.tar.gz > > > We need to upgrade to OPENSSL Version with FIPS certification and It should > support TLS 1.2. > > Please recomm

Re: Open SSL Upgrade

On 5/29/2014 5:18 AM, Shunmugavel Krishnan wrote: Hi, I am planning to upgrade open SSL in my operating system(RHEL). I have applications running in the system, i.e. Tomcat web application, Web server, Message broker etc. Do i need to check for compatible issues before i go with the upgrade. Tha

Re: Open SSL errors increase in Linux compared with Solaris

On 01/22/2014 11:40 PM, Dave Thompson wrote: Originally it meant the connection is terminated *abnormally* by the other end, as opposed to a normal/graceful FIN exchange. Windows sends RST if an application crashes, but all Unixes I have seen do FIN, unless the application forces RST by setting

RE: Open SSL errors increase in Linux compared with Solaris

a > subsidiary of The Bank of New York Mellon Corporation > > http://www.inautix.co.in > > VOIP: 612-15112 > > Email: kthiru...@inautix.co.in<mailto:kthiru...@inautix.co.in> > > > > Information Classification: Internal Use Only > > > > From: owner-o

Re: Open SSL errors increase in Linux compared with Solaris

autix.co.in> > > Information Classification: Internal Use Only > > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson > Sent: Tuesday, January 07, 2014 4:08 AM > To: openssl-users@openssl.org > Subject: RE: Open SSL errors incr

RE: Open SSL errors increase in Linux compared with Solaris

sl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Tuesday, January 07, 2014 4:08 AM To: openssl-users@openssl.org Subject: RE: Open SSL errors increase in Linux compared with Solaris 1: 0.9.8a is VERY old, and contains quite a few security flaws that have been fixed

RE: Open SSL errors increase in Linux compared with Solaris

1: 0.9.8a is VERY old, and contains quite a few security flaws that have been fixed since. Even if your application(s) can't accept the fairly small changes needed to move to 1.0.0 or better 1.0.1, try at least to move up to or near 0.9.8y. 2: whenever you get ERROR_SYSCALL you should always

RE: Open SSL API's Support For IPv6.

> From: owner-openssl-us...@openssl.org On Behalf Of Akanksha Shukla > Sent: Thursday, 03 November, 2011 11:25 > I want to summarize > I am using the SSL API's for client application to get connect > to server and that worked fine over IPv4. Now my requirement is to > ha

Re: Open SSL API's Support For IPv6.

. From: Akanksha Shukla Sent: Thursday, November 03, 2011 7:25 PM To: openssl-users@openssl.org Subject: RE: Open SSL API's Support For IPv6. Hi All, I want to summarize what issue has been faced by me till now and

RE: Open SSL API's Support For IPv6.

lear why the error log is coming as 0 in approach 3 while in case 1 and case 2, I can see some error thrown by SSL API's. I don't think in case 3, I am missing something which could cause error as 0. 4) I am not sure whether to ask this or not. But is it possible for someone to try the app

RE: RE: Open SSL API's Support For IPv6.

users@openssl.org; carlyo...@keycomm.co.uk Subject: RE: RE: Open SSL API's Support For IPv6. Hi, I am sorry if I misunderstood things. I went through the text quoted by him. Also, I did google search for that and what I understood was: ERR_load_crypto_strings() registers the error strings for all

RE: Open SSL API's Support For IPv6.

> From: owner-openssl-us...@openssl.org On Behalf Of Akanksha Shukla > Sent: Monday, 31 October, 2011 08:48 > { >FILE * pFile1; >char mystring [500]; >pFile1 = fopen ("result.txt","a"); >i

RE: RE: Open SSL API's Support For IPv6.

owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Jeremy Farrell Sent: Tuesday, November 01, 2011 1:39 AM To: openssl-users@openssl.org; carlyo...@keycomm.co.uk Subject: RE: RE: Open SSL API's Support For IPv6. > From: Akanksha Shukla [mailto:akshu

RE: RE: Open SSL API's Support For IPv6.

> From: Akanksha Shukla [mailto:akshu...@cisco.com] > > Hi Carl, > > I added the API's call as mentioned by you in the else part to get the > dump > of the error. But this time also, I am not successful. > else > { > SSL_load_error_strings(); > SSL_li

RE: RE: Open SSL API's Support For IPv6.

To: openssl-users@openssl.org; Akanksha Shukla Subject: Re: RE: Open SSL API's Support For IPv6. > On Mon 31/10/11 4:25 PM , "Akanksha Shukla" akshu...@cisco.com sent: > Hi Michael, > > Thanks for the reply. But I think the issue is not from the C perspective. > As

Re: RE: Open SSL API's Support For IPv6.

> On Mon 31/10/11 4:25 PM , "Akanksha Shukla" akshu...@cisco.com sent: > Hi Michael, > > Thanks for the reply. But I think the issue is not from the C perspective. > As I already mentioned, that if I use fputs to directly write a string to > file, then I am able to do that successfully. But when I

RE: Open SSL API's Support For IPv6.

-openssl-us...@openssl.org] On Behalf Of Michael S. Zick Sent: Monday, October 31, 2011 10:19 PM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. On Mon October 31 2011, Akanksha Shukla wrote: >                 ERR_print_errors_fp(stderr); > Because your writin

Re: Open SSL API's Support For IPv6.

On Mon October 31 2011, Akanksha Shukla wrote: >                 ERR_print_errors_fp(stderr); > Because your writing to stderr rather than pFile? Mike __ OpenSSL Project http://www.openssl.org Use

RE: Open SSL API's Support For IPv6.

arify. Thanks Akanksha Shukla. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael S. Zick Sent: Monday, October 31, 2011 6:49 PM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. On Mon Octob

Re: Open SSL API's Support For IPv6.

On Mon October 31 2011, Akanksha Shukla wrote: > > Could you please have a look and help me here. > I am not able to proceed further. > Sorry, I do not have the required experience in either "C" or "C like" languages to be of any help. And you really need the help of a beginner's coding forum.

RE: Open SSL API's Support For IPv6.

@openssl.org] On Behalf Of Akanksha Shukla Sent: Saturday, October 29, 2011 11:47 PM To: openssl-users@openssl.org Subject: RE: Open SSL API's Support For IPv6. Hi Michael, Sorry for the confusion caused but the whole code sequence is like this: int retryCounter = 0; while(retryCo

RE: Open SSL API's Support For IPv6.

as well as IPV6. Thanks Akanksha Shukla. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael S. Zick Sent: Wednesday, October 26, 2011 2:26 AM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support

Re: Open SSL API's Support For IPv6.

gt; > So, could you please suggest what mistake I am doing here that SSL errors > are not being getting written in file and also any other suggestions to try > out. > Q? How many times do you intend to open that file inside of the while loop without ever flushing or closing it? Mi

RE: Open SSL API's Support For IPv6.

r-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Tuesday, October 25, 2011 4:34 AM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. On Sun, Oct 23, 2011, Akanksha Shukla wrote: > Hi Stephen, > > > > I tried with

Re: Open SSL API's Support For IPv6.

On Sun, Oct 23, 2011, Akanksha Shukla wrote: > Hi Stephen, > > > > I tried with retry logic as well (though earlier it was also same), but same > result. > > > > int retryCounter = 0; > > while(retryCounter < CONNECT_MAX_TRY) > > { > > int retVal = BIO_do_connect(conn); > > if(

RE: Open SSL API's Support For IPv6.

: RE: Open SSL API's Support For IPv6. Hi Stephen, I tried with retry logic as well (though earlier it was also same), but same result. int retryCounter = 0; while(retryCounter < CONNECT_MAX_TRY) { int retVal = BIO_do_connect(conn); if(retVal <= 0) {

RE: Open SSL API's Support For IPv6.

Stephen Henson Sent: Sunday, October 23, 2011 1:45 AM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. On Sat, Oct 22, 2011, Akanksha Shukla wrote: > > 5) BIO_set_nbio(conn, 1); > > 6) int retVal = BIO_do_connect(conn); >

Re: Open SSL API's Support For IPv6.

On Sat, Oct 22, 2011, Akanksha Shukla wrote: > > 5) BIO_set_nbio(conn, 1); > > 6) int retVal = BIO_do_connect(conn); > > if(retVal <= 0) > > { > > cout << " The Bio_do_connect failed" << endl; > > } > > > > After executing the program, I am getting output as : > >

RE: Open SSL API's Support For IPv6.

me error in both the cases. I would request to please have a look and suggest something. Thanks Akanksha Shukla. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Thursday, September 29, 2011 11:0

Re: Open SSL API's Support For IPv6.

On Thu, Sep 29, 2011, Akanksha Shukla wrote: > Hi All, > > I tried following things: > > > > 1) Made socket() system call with AF_INET6 family type. > > 2) Made connect() system call to get connected to destination address > using the socket created above. > > 3) Then made ca

RE: Open SSL API's Support For IPv6.

-users@openssl.org Subject: RE: Open SSL API's Support For IPv6. Hi Nilotpal, I tried following things: 1) Made socket() system call with AF_INET6 family type. 2) Made connect() system call to get connected to destination address using the socket created above. 3)

RE: Open SSL API's Support For IPv6.

Sent: Thursday, September 22, 2011 2:59 PM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. Hi, You can try this once. Use socket library connect() to get the connected socket. Then use BIO_new_socket() and pass the connected socket descriptor. Then, on the

Re: Open SSL API's Support For IPv6.

API's which has support over IPv6. > > Thanks > Akanksha Shukla. > > -Original Message- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Wim Lewis > Sent: Thursday, September 22, 2011 1:25 AM > To: openssl-users@ope

RE: Open SSL API's Support For IPv6.

Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Wim Lewis Sent: Thursday, September 22, 2011 1:25 AM To: openssl-users@openssl.org Subject: Re: Open SSL API's Support For IPv6. On 21 Sep 2011, at 6:17 AM, Akanksha Shukla wrote:

Re: Open SSL API's Support For IPv6.

On 21 Sep 2011, at 6:17 AM, Akanksha Shukla wrote: > Currently we are using OpenSSL 0.9.8 version. I have question about few of > the API's support for IPV6. > > 1) BIO_new_connect() [...] > > Queries : > 1) Do the above mentioned API's support IPv6? I don't think so. BIO_new_connect() (and BIO

Re: Open SSL Error 14094412

On 05/31/2011 03:02 PM, David Mitchell wrote: > > On May 31, 2011, at 2:32 PM, Dave Thompson wrote: > >>> From: owner-openssl-us...@openssl.org On Behalf Of David Mitchell >>> Sent: Friday, 27 May, 2011 12:35 >> >>> I'm having some problems with EAP-TLS in FreeRadius 2.1.10. I >>> have a client

Re: Open SSL Error 14094412

On May 31, 2011, at 2:32 PM, Dave Thompson wrote: >> From: owner-openssl-us...@openssl.org On Behalf Of David Mitchell >> Sent: Friday, 27 May, 2011 12:35 > >> I'm having some problems with EAP-TLS in FreeRadius 2.1.10. I >> have a client >> where authentication attempts always fail with the re

RE: Open SSL Error 14094412

> From: owner-openssl-us...@openssl.org On Behalf Of David Mitchell > Sent: Friday, 27 May, 2011 12:35 > I'm having some problems with EAP-TLS in FreeRadius 2.1.10. I > have a client > where authentication attempts always fail with the relatively generic > error below. I've tried to figure out wh

Re: Open ssl FIS Mode

According to the users guide, openssl 1.0.0d is not supported with fips object module. You have to use any 0.9.8j+ series of regular library but not 1.0.0+ . Verify it in the latest available users guide. All the procedures are mentioned in the guide to link your application to the FIPS object modu

Re: Open SSL installtion on Solaris - 10

On 02/27/11 9:13 AM, Sander Temme wrote: On Feb 27, 2011, at 2:02 AM, John R Pierce wrote: but, my Sol10 systems appear to already have an openssl in /usr/sfw/bin (and libraries in /usr/sfw/lib, etc) which is maintained by Oracle Last time I was on a Solaris box, that one seemed to be stuck

Re: Open SSL installtion on Solaris - 10

On Feb 27, 2011, at 2:02 AM, John R Pierce wrote: > but, my Sol10 systems appear to already have an openssl in /usr/sfw/bin (and > libraries in /usr/sfw/lib, etc) which is maintained by Oracle Last time I was on a Solaris box, that one seemed to be stuck at 0.9.7. S. -- san...@temme.net

RE: Open SSL installtion on Solaris - 10

[mailto:owner-openssl-us...@openssl.org] On Behalf Of David Kirkby Sent: Sunday, February 27, 2011 9:46 AM To: openssl-users@openssl.org Cc: John R Pierce Subject: Re: Open SSL installtion on Solaris - 10 On 27 February 2011 10:02, John R Pierce wrote: > On 02/27/11 12:03 AM, pattabi raman wrote: >&

Re: Open SSL installtion on Solaris - 10

On 27 February 2011 10:02, John R Pierce wrote: > On 02/27/11 12:03 AM, pattabi raman wrote: >> >> Hi, >> I need to install open ssl in our solaris-10 machine. Currently Solaris >> has GCC Compiler 2.95. >> As I checked from the site, mentioned that Openssl needs GCC compiler 3.3. >> So Open ssl w

Re: Open SSL installtion on Solaris - 10

On 02/27/11 12:03 AM, pattabi raman wrote: Hi, I need to install open ssl in our solaris-10 machine. Currently Solaris has GCC Compiler 2.95. As I checked from the site, mentioned that Openssl needs GCC compiler 3.3. So Open ssl will work only with gcc 3.3 ? Gcc upgrade is necessary ? Will sol

Re: Open SSL installtion on Solaris - 10

On 02/27/11 08:03 AM, pattabi raman wrote: Hi, I need to install open ssl in our solaris-10 machine. Currently Solaris has GCC Compiler 2.95. As I checked from the site, mentioned that Openssl needs GCC compiler 3.3. So Open ssl will work only with gcc 3.3 ? Gcc upgrade is necessary ? Will sol

Re: Open SSL via dyndns.org

* tobias.sem...@diemer-ing.de wrote on Tue, Apr 14, 2009 at 15:04 +0200: > Is there a chance to create a certification on the intern server called by > the extern https://name.dyndns.org adress ? It depends on the software you are using and on the setup... If you use some non-routable IP for your

RE: Open SSL via dyndns.org

> we tried to create a ssl certification via openssl. > Our problem is that we have in intern server called SVR02. This server > could be reached via name.dyndns.org:443. If we create a certification > with the CO SVR02 the server accept this and install the certification. > But if we try it from

Re: Open SSL in RedHat and Suse

Hi there: On February 10, 2009 08:36:36 am Mathews RK wrote: > Hi All, > > > > I have compiled OpenSSL in shared mode in RHEL (RedHat Linux) 3.0 using > gcc 3.4 compiler. I made one installation in RHEL 3.0. It works fine. > But if I install this in Suse, it fails to start/ stop apache. If I > rep

RE: Open SSL server and JSee client

Hello, > If IV is not required for cipher when we use RC4,does anyone have idea > on what might be the problem? Problem is not on server side (OpenSSL) but on client side. Server is configured to request client authentication (we see certificate_request packet send from server) but client do not wa

RE: Open SSL server and JSee client

If IV is not required for cipher when we use RC4,does anyone have idea on what might be the problem? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Wednesday, April 18, 2007 1:17 PM To: openssl-users@openssl.org Subject: Re: Open

Re: Open SSL server and JSee client

Hello, > But it appears > that your problem is defined by the 'no IV' message. I did a quick > search on it and didn't find much that was helpful. > >... no IV for cipher > >main, WRITE: TLSv1 Change Cipher Spec, length = 1 > >JsseJCE: Using JSSE internal implementation for cipher RC4 > >*** Fini

Re: Open SSL server and JSee client

ueueConnectionFactory.java:79) > at Sender.main(Sender.java:39) > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Jim Sansing >Sent: Wednesday, April 18, 2007 8:57 AM >To: openssl-users@openssl.org >Subject: Re: Open SSL serve

RE: Open SSL server and JSee client

Hello, > 3. server (openSSL) requires the client certificate to be sent in. The > client certificate that I send in is signed by the root certificate > which exists on the server. Therefore the client should be trusted > > > Below is the debug trace: > > trigger seeding of SecureRandom > done

RE: Open SSL server and JSee client

Tibj msQueueConnectionFactory.java:79) at Sender.main(Sender.java:39) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Sansing Sent: Wednesday, April 18, 2007 8:57 AM To: openssl-users@openssl.org Subject: Re: Open SSL server and JSee client What i

Re: Open SSL server and JSee client

What is the java error? But in the meantime, since you didn't mention it, there are a few steps you could verify: 1) Since you are using a local keystore, can I assume that you added the certificate to it using the keystore command? 2) By 'mutual authentication' do you mean that the server must

RE: open ssl configuration with .net

de bhanu_rao -$ Enviado el: lunes, 09 de octubre de 2006 7:11 -$ Para: openssl-users@openssl.org -$ Asunto: Re: open ssl configuration with .net -$ -$ -$ Hi all, -$ Havent recieve any reply,why? -$ I earilar also send some querry but nobody answer that time also, -$ So please

Re: open ssl configuration with .net

Hi all, Havent recieve any reply,why? I earilar also send some querry but nobody answer that time also, So please give me some answer or tell me place where I get those answers. bhanu_rao wrote: > > Hi friends, > > Can any body tell me ,how can we configure the openssl with .net

Re: open ssl memory leak?

Hello, If Your application is multithreaded you should free the error queue. For current thread just add line: ERR_remove_state(0); More information: http://www.openssl.org/docs/crypto/ERR_remove_state.html# Best regards, -- Marek Marcola <[EMAIL PROTECTED]>

Re: Open SSL Symmetric Code Security with Apache2.0

Ben, I'm hoping to get very basic instructions on how to create a client side certificate. What kind of certificates are you planing to hand out to your users? Do you want to trust an official certificate authority, or do you want to issue the certificates yourself? Desirably, I want to be

RE: Open SSL

David,   You mentioned you have different areas to Implement OpenSSL. Let’s take Sales and Marketing as our examples. Ex1:   https://sales..com Ex2:   http://marketing..com In here Sales Department will be listening on 443 port and rest on port 80. Socket Layer default port is 443. U

[jyothi.s@ap.sony.com: Re: Open SSL: Only Few Algorthms]

Forwarded to openssl-users... - Forwarded message from Jyothi <[EMAIL PROTECTED]> - X-Original-To: [EMAIL PROTECTED] X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] From: Jyothi <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: Open SSL: Only Few Algorth

Re: open-ssl user using spam filters?

[EMAIL PROTECTED] has chosen one approach to stop spam, I've chosen another: http://au.spamassassin.org/index.html Rather than force an entire mailing list to authenticate itself, I'm simply able to do this: blacklist_from [EMAIL PROTECTED] which flushes him down /dev/null Sorry, this is off t

RE: open-ssl user using spam filters?

Yes. -Original Message- From: Jeff Fulmer [mailto:[EMAIL PROTECTED] Sent: Thursday, January 08, 2004 12:32 PM To: [EMAIL PROTECTED] Subject: open-ssl user using spam filters? The who command is disabled but it looks like "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> has a spam filter applied t

Re: Open-SSL - Vxworks port

Systems Bangalore - 560 001 Phone: (080) 2867921 Extn: 7605 www.hssworld.com "linux guy" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 09/10/03 11:55 AM Please respond to [EMAIL PROTECTED] To [EMAIL PROTECTED] cc Subject Re: Open-SSL - Vxworks port hel

Re: Open-SSL - Vxworks port

hello akchaudhury,I just finished one SSL-supported web server under vxworks(ppc603), and I don't know much about TLS. ur configure command to generate the Makefile for u to make libcrypto.a&libssl.a with is (almost)right. since the error prompt is BAD CERTIFAICATE,if ur product is a server one,U n

Re: Open-SSL - Vxworks port

is ur product the server one? maybe your sslconfig is not correct. - Original Message - From: [EMAIL PROTECTED] Date: Tue, 9 Sep 2003 14:13:57 +0530 To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Open-SSL - Vxworks port > > > > > Hi, > > TLS feature was implemented using the OpenSS

Re: OPEN SSL ON HP-UX 11.0 32 bit

On Fri, Jan 18, 2002 at 06:48:55PM +0100, Alexis BOILEAU wrote: > When I launch ./config -d I've got this message : This system (debug-hpux-parisc-cc) >is not supported. See file INSTALL for details. > > Because I've not got a ANSI Compiler : Have you got a binary Version of Open SSL for >HP-UX

Re: OPEN SSL-Windows NT

Hello, The versions of OpenSSL that you can download from http://www.openssl.org/source/ are for all platforms (including windows). If you want to extract .tar.gz on windows: use e.g. WinZip http://www.winzip.com/ (this does the trick on my windows 2000 box) PS. please don't mail in HTML layout.

Re: open ssl 40bit key generation

> How can i generate 40bit test certificate? I think you're confused. The certificate (RSA, basically) is typically 1024 although sometimes 512 or 2048 bits. It is used to exchange a session key for a symmetric-key cipher that is used to do the bulk traffic encryption, and *that* is usually 128

Re: Open SSL server side in Windows

Filipe, I have successfully implemented some opensSSL with Windows NT. The problem you are describing could be due to: 1) The client rejecting the server cert because it does not trust it. 2) The server not sending the client a list of recommended CA's 3) The server cert not having the same na

RE: OPEN SSL

At 11:04 AM 11/29/00 -0500, Pino wrote: >Another question... > >Does the SSL Server have to be a standalone or can it be a service that >will run with what ever else exists on the server? The "SSL server" is just another application running on a machine. One example is Apache web server, which

RE: OPEN SSL

Title: RE: OPEN SSL Thanks Tom, Another question... Does the SSL Server have to be a standalone or can it be a service that will run with what ever else exists on the server? Can I have two machines communicate with each other encrypting the data transmitted between them? Or a network of

Re: OPEN SSL

At 09:55 AM 11/29/00 -0500, Pino wrote: >I have a question with regards to SSL and not being used via a web browser. > >Can SSL be administered between two devices or a network of devices with >out using the web browser.. lets say embedded within an application? Yes. OpenSSL can be added to an

Re: Open-SSL on Win32

Nguyen Ngoc Hoa wrote: >No for both, >These three functions just need only when you make new SSL context, >and then each threads will operate and be effectted in this context. Hmmm... That doesn't sound right. Are you saying that: >RAND_xxx(); >SSLeay_add_ssl_algorithms(); >SSL_load_error_string

Re: Open SSL Socket Creation.

encap2.ond

Re: Open SSL and Diffe Hellman

> David Murphy wrote: > > Hi - I am trying to develop an SSL Java client side app and testing > against OpenSSL. Whenver I request any suite with DH key excahnge I > get "Could not agree on ciper suite " from OpenSSL. ie any suite > prefixed SSL_DH_.. > > What do I need to do to have OpenSSL acc