Oh my, I figured it out after digging through the OpenSSL source code.
My CA certificate and the client certificate both had the same common
name, so they were clobbering each other.
Changing the name of the CA certificate solved the problem.
On Sun, 15 Nov 2020 at 14:10, Samuel Williams
wrote:
Hello
I generate a CA (self signed), and then generate a certificate from
that CA, which should be used by a HTTP/2 client and server during
testing.
This code was working as recently as 12 months ago, but it seems like
something has stopped it from verifying correctly.
Here is how the CA is gen
On 2009.06.04 at 09:04:11 +1000, Brad Mitchell wrote:
>
> The reason we use command-line utilities to verify is for transparency.
> Data could be used in the courts for example and having that "hey.. go
> download openssl and verify it yourself" is a lot better than.. here is a
> util we wrote to
Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Randy Turner
Sent: Thursday, 4 June 2009 1:07 AM
To: openssl-users@openssl.org
Subject: Re: Problems verifying certificates generated by Microsoft
Certificate Authority and timestamping
H
the long term affects of this would be in an
enterprise but this is what I’ve done to remove it.
brad
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org
] On Behalf Of Brad Mitchell
Sent: Wednesday, 3 June 2009 11:15 AM
To: openssl-users@openssl.org
Subject: Re: P
er-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Brad Mitchell
Sent: Wednesday, 3 June 2009 11:15 AM
To: openssl-users@openssl.org
Subject: Re: Problems verifying certificates generated by Microsoft
Certificate Authority and timestamping
Hi,
I've bee
Hi,
I've been trying to get Time Stamping working where the CA issuing the Time
Stamping certificate is issued by a Microsoft Windows Server 2003 Enterprise
CA.
I've had success in terms of being able to actually sign the digest and I
actually have a certificate with the purpose of Time Sta
Tel: 01/724-84-26
Fax: 01/724-84-27
eMail: [EMAIL PROTECTED]
- Original Message -
From: "Rich Salz" <[EMAIL PROTECTED]>
To: "Uros Gaber - PowerCom" <[EMAIL PROTECTED]>
Cc: "OpenSSL" <[EMAIL PROTECTED]>
Sent: Wednesday, August 15, 2001 2:
> I would like to know how to create a 128bit server certificate or how
> to verify it is 128bit...
You are confusing the session key (typically RC4) with the certificate
(typically RSA 1024 bit).
You can limit what crypto suites are used. See the ciphers manpage.
--
Zolera Systems, Securing w
Hi!
I would like to know
how to create a 128bit server certificate or how to verify it is
128bit...
Thank
you!
Uro¹ GaberPowerCom Gaber & Globoènik
d.n.o.http://www.powercom-si.comeMail: [EMAIL PROTECTED]GSM: 040/848-001Fax:
040/848-026Tel: 01/724-84-26Fax: 01/724-84-27
BEGIN:VCARD
On Wednesday 25 July 2001 05:55, Jean-Marc Desperrier wrote:
> George Staikos wrote:
> > On Tuesday 24 July 2001 20:26, George Staikos wrote:
> > >I've been noticing many problems with some new certificates which
> > > are being issued by Entrust and Verisign.
> >
> >Actually I looked it o
Michelle T wrote:
>
> Thanks for the input. I forgot to mention that the
> error I receive is "certificate signature failure". I
> will look back through the archives and at the man
> page you suggested to see if I can find any clues.
>
Hint: try the FAQ first.
Steve.
--
Dr Stephen N. Hen
Thanks for the input. I forgot to mention that the
error I receive is "certificate signature failure". I
will look back through the archives and at the man
page you suggested to see if I can find any clues.
--- Lutz Jaenicke <[EMAIL PROTECTED]>
wrote:
> On Tue, Jul 10, 2001 at 12:28:58PM -0700,
On Tue, Jul 10, 2001 at 12:28:58PM -0700, Michelle T wrote:
> I am new to the openssl library. I am trying to write
> a simple program to illustrate how to verify
> certificates using the openssl library. I cannot seem
> to get the program to work, although I have taken most
> of the code from t
I am new to the openssl library. I am trying to write
a simple program to illustrate how to verify
certificates using the openssl library. I cannot seem
to get the program to work, although I have taken most
of the code from the verify.c file in the apps
directory. I know my certificates should
From: Chris Drumgoole <[EMAIL PROTECTED]>
You have misunderstood how verification is done. What you need to
tell s_server is what issuers you trust by pointing out a store with
their certificates (a PEM file). So, you need to get the certificate
for "OU=Secure Server Certification Authority, O=
Hi, I am running openssl 0.9.6a on a SunOS2.6 machine.
I installed like so:
./config
make
make test
make install
my problem is, it doesn't seem to be able to verify *any* signed
certificates.
here is an example output from
bin/openssl s_client -host rsaonline.rsasecurity.com -port 443 -showcer
Bingo. Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Dr Stephen Henson
Sent: Wednesday, March 08, 2000 5:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Verifying Certificates
Mark E. Schoneman wrote:
>
> I'm aware I'm trying to chea
Mark E. Schoneman wrote:
>
> I'm aware I'm trying to cheat abit here, but here's the problem.
> I'm trying to verify certificates via API rather than reading from files.
> I have the CA cert in CAx509 and the cert to verify in x509
> I use X509_STORE_add_cert it load the CA's cert in the store, t
I'm aware I'm trying to cheat abit here, but here's the problem.
I'm trying to verify certificates via API rather than reading from files.
I have the CA cert in CAx509 and the cert to verify in x509
I use X509_STORE_add_cert it load the CA's cert in the store, thinking
that if finds it there firs
20 matches
Mail list logo