Hi,
Could anyone tell me how to compile openssl-0.9.1c on NT4.0 without the
ASM routines?
I keep on receiving the error about: " ml file not found". Yes, I don´t
have de assembler.
Thanks for your help.
Heber.
__
OpenSSL Proje
Hi all,
How do I serialize an RSA private key into DER?
I tried by using the i2d_RSAPrivateKey(...) but it crashed.
My code snippet:
---
RSA *rsa = RSA_generate_key(1024, 0x10001, NULL, NULL);
unsigned char der[1]; // ought to be eno
Hi
I am trying to do something extremely simple, and not succeeding!
I want to encrypt and sign some data, and send it to a person
whose public key I have. I want to be able to do this with a
password for a private key that is supplied via a webpage form
(to sign the data). I'm going in total cir
Hello all,
What is the difference between
openssl-engine-0.9.6g.tar.gz
and
Hi everybody. I have a question to do. I'm
developing an aplicattion wich uses certificates in der format and private key
files in PKCS#1 format. I need to read a private key file in PKCS#1 format .
Does anyone know some function to read that file and obtain the private
key in a EVP_PKEY va
When a CA signs a certificate request , then the certificate is sent to the user . for this, is the certifictate automatically encrypted with the user public key ?
thx
david
Interview 50 Cent 100% I am what I am...
: [EMAIL PROTECTED]
Subject: simple question !
Hello all,
What is the difference between
openssl-engine-0.9.6g.tar.gz
-Original
Message-From: david
[mailto:[EMAIL PROTECTED]Sent: Tuesday, May 17, 2005 4:48
AMTo: openssl-users@openssl.orgSubject: simple question
again
When a CA signs a certificate request , then the certificate is sent to the
user . for this, is the certif
That's correct - that's why IBM is buying Bluecoat.
SSL is nothing to a Bluecoat. Child's play :)
-Original Message-
From: Rich Salz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 1:23 PM
To: Miles Bradford
Cc: 'openssl-users@openssl.org'
Subject: Re: simp
d - you. Don't try to piss on people with some
sort of holier than thou crap.
SSL is broken on a daily basis with the Bluecoat and just as easy as I said.
Go away and quit bothering me with whatever.
-Original Message-
From: David Schwartz [mailto:[EMAIL PROTECTED]
Sent: Tuesday,
> Ok, so if it is not a problem if the cetifiacte is intercepted, how
> to "prove that you are the party the certificate was issued to by
> demonstrating possession of the private key " ? Is it a special
> configuration the VPN ?
Typically, the receiver of the certificate sends a challenge to the
to the perspective system?
If someone has figured out that it is "Okay" - I'd like to find out "Why"
and "How".
Sorry if I got a bit brash.
Thanks
Miles
-Original Message-
From: Vadym Fedyukovych [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005
On May 18, 2005, at 2:45 PM, Miles Bradford wrote:
My question on top of that was - "How could someone intercept an
encrypted
message and get to the information inside the certificate without
corrupting
the encryption that the data is wrapped in - since once the perpetrator
learned who you are -
All correct for authentication. There are times that public keys or
certificates are encrypted using a DH protocol for privacy. You might
not want a man in the middle to track where you go, and a certificate
is your identity.
> From: Joshua Juran <[EMAIL PROTECTED]>
> Date: Wed, 18 May 2005 15:3
just validated only?
Miles
-Original Message-
From: Ken Goldman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 18, 2005 12:52 PM
To: openssl-users@openssl.org
Subject: Re: simple question again
All correct for authentication. There are times that public keys or
certificates are
> Thanks to the both of you...Josh and Ken.
>
> My questions got answered and I have a better understanding.
>
> and now --
>
> So - I put SSL inside an i-frame and when the user comes into my website -
> accepts my certificate - from that point on all documentation sent either
> back and forth is
Ken Goldman wrote:
> All correct for authentication. There are times that public keys or
> certificates are encrypted using a DH protocol for privacy. You might
> not want a man in the middle to track where you go, and a certificate
> is your identity.
>
That's somewhat of an oversimplification
> Ken Goldman wrote:
> > All correct for authentication. There are times that public keys or
> > certificates are encrypted using a DH protocol for privacy. You might
> > not want a man in the middle to track where you go, and a certificate
> > is your identity.
> >
>
> That's somewhat of an ov
might be visible but could not be used to "get into"
because of private keys.
Sorry if I got a bit brash.
Thanks
Miles
Regards,
Vadym
-----Original Message-
From: Vadym Fedyukovych [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 6:40 PM
To: openssl-users@openssl.org
Subject: Re
Hello :(
As usual trolling..
The particular pages or components retrieved over the SSL link (the one
retrieved through URLs beginning with 'https'), will be sent over encrypted
links. In addition, the endpoint will be validated. So that if you retrieve
'https://www.amazon.com/anything/goes/
> The particular pages or components retrieved over the SSL link (the one
> retrieved through URLs beginning with 'https'), will be sent over encrypted
> links. In addition, the endpoint will be validated. So that if you retrieve
> 'https://www.amazon.com/anything/goes/here', you will receive a
On Wed, 18 May 2005, Ken Goldman wrote:
All correct for authentication. There are times that public keys or
certificates are encrypted using a DH protocol for privacy. You might
not want a man in the middle to track where you go, and a certificate
is your identity.
Correct me if I'm wrong, but my
Joshua Juran wrote:
On May 18, 2005, at 2:45 PM, Miles Bradford wrote:
My question on top of that was - "How could someone intercept an
encrypted
message and get to the information inside the certificate without
corrupting
the encryption that the data is wrapped in - since once the perpetrator
le
wartz
Cc: openssl-users@openssl.org
Subject: RE: simple question again
> The particular pages or components retrieved over the SSL link (the one
> retrieved through URLs beginning with 'https'), will be sent over
encrypted
> links. In addition, the endpoint will be validated.
On May 19, 2005, at 4:03 PM, Miles Bradford wrote:
So when you send the CSR including the Public Key - you would send
them the
(your) Private Key, also? Then they sign it with a Private Key they've
created? and send it back?
You don't give away your private key to anybody, not even the
certifica
Mathias Sundman wrote:
On Wed, 18 May 2005, Ken Goldman wrote:
All correct for authentication. There are times that public keys or
certificates are encrypted using a DH protocol for privacy. You might
not want a man in the middle to track where you go, and a certificate
is your identity.
Correct
Joshua Juran wrote:
On May 19, 2005, at 4:03 PM, Miles Bradford wrote:
So when you send the CSR including the Public Key - you would send
them the
(your) Private Key, also? Then they sign it with a Private Key they've
created? and send it back?
You don't give away your private key to anybo
D]>
> Objet: Re: simple question again
> Date: Tue, 17 May 2005 09:47:43 -0400
> > When a CA signs a certificate request , then the certificate is sent to
> > the user . for this, is the certifictate automatically encrypted with
> > the user public key ?
>
> Rarel
> > if somebody intercepts the certificate while it is in transit on the
> > network, this person can use this certificate ?
>
> If you have a certificate you can verify something that's been signed
> with the private key, or you can encrypt something so that only the
> holder of the private k
much a
non-happening event.
-Original Message-
From: david [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 9:23 AM
To: Rich Salz
Cc: openssl-users@openssl.org
Subject: Re: Re: simple question again
> > if somebody intercepts the certificate while it is in transit on the
network
> > > if somebody intercepts the certificate while it is in transit
> > > on the network, this person can use this certificate ?
> > If you have a certificate you can verify something that's been signed
> > with the private key, or you can encrypt something so that only the
> > holder of the priv
PM
To: openssl-users@openssl.org
Subject: RE: Re: simple question again
> > > if somebody intercepts the certificate while it is in transit
> > > on the network, this person can use this certificate ?
> > If you have a certificate you can verify something that's been
> This is why in my other replies to whomever - I made the
> statement about how
> fast all this can be done. It takes at least 3 good handshakes to get
> onboard a SSL site - but, what matters the most is that
> &*_*&)^&^)*_**;qwepqowifskljfas that surrounds the key - is intact and not
> minus o
sage-
From: David Schwartz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 4:22 PM
To: openssl-users@openssl.org
Subject: RE: Re: simple question again
> This is why in my other replies to whomever - I made the
> statement about how
> fast all this can be done. It takes at l
The script you se under Is a very simple script. It asks a server for a
page, over ssl. Is it possible to make the script use X509 client
certificate?
Or does annyone have a simple example on how to use client certificate in
a simple way?
--- simple script
use Net::SSLeay;
Net::SS
> A certificate essentially says something like "I am Verisign, and I certify
> that Joe Schmoe is the rightful owner of the private key whose corresponding
> public key is X".
>
> The certificate itself is generally considered public information and it is
> not a problem if the certificate is
>
> Ok, so if it is not a problem if the cetifiacte is intercepted, how to "prove
> that you are the party the certificate was issued to by demonstrating
> possession of the private key " ?
> Is it a special configuration the VPN ?
>
> thx
> david
>
You now have a public key, anything you enc
Dear Knut,
I dont think it's possible to use client certificates whith Net::SSLeay.
On Mon, 12 Feb 2001, Knut Olav Bøhmer wrote:
>
> The script you se under Is a very simple script. It asks a server for a
> page, over ssl. Is it possible to make the script use X509 client
> certificate?
>
>
Hi folks,
I have a simple question about OpenSSL and HTTP
I try to enhance httpd codes into secure one, such as httpsd.
could i simply combine openssl library with httpd codes for that?
are there any different between http and https except for the ssl
handshacking?
best regards,
Mars
Mars,
have a look at http://www.modssl.org/
cheers,
Sean
MARS.LIN ªL¨|¼w wrote:
>
> I have a simple question about OpenSSL and HTTP
> I try to enhance httpd codes into secure one, such as httpsd.
> could i simply combine openssl library with httpd codes for that?
> are ther
TED]]
Sent: Thursday, September 06, 2001 5:06 PM
To: [EMAIL PROTECTED]
Subject: Re: simple question about OpenSSL and HTTP
Mars,
have a look at http://www.modssl.org/
cheers,
Sean
MARS.LIN ªL¨|¼w wrote:
>
> I have a simple question about OpenSSL and HTTP
> I try to enhance httpd codes in
41 matches
Mail list logo
