Oh my, I figured it out after digging through the OpenSSL source code.
My CA certificate and the client certificate both had the same common
name, so they were clobbering each other.
Changing the name of the CA certificate solved the problem.
On Sun, 15 Nov 2020 at 14:10, Samuel Williams
Hello
I generate a CA (self signed), and then generate a certificate from
that CA, which should be used by a HTTP/2 client and server during
testing.
This code was working as recently as 12 months ago, but it seems like
something has stopped it from verifying correctly.
Here is how the CA is
-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Brad Mitchell
Sent: Wednesday, 3 June 2009 11:15 AM
To: openssl-users@openssl.org
Subject: Re: Problems verifying certificates generated by Microsoft
Certificate Authority and timestamping
Hi,
I've been trying to get
: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Randy Turner
Sent: Thursday, 4 June 2009 1:07 AM
To: openssl-users@openssl.org
Subject: Re: Problems verifying certificates generated by Microsoft
Certificate Authority and timestamping
Hi Brad,
I guess I'm
On 2009.06.04 at 09:04:11 +1000, Brad Mitchell wrote:
The reason we use command-line utilities to verify is for transparency.
Data could be used in the courts for example and having that hey.. go
download openssl and verify it yourself is a lot better than.. here is a
util we wrote to
Hi,
I've been trying to get Time Stamping working where the CA issuing the Time
Stamping certificate is issued by a Microsoft Windows Server 2003 Enterprise
CA.
I've had success in terms of being able to actually sign the digest and I
actually have a certificate with the purpose of Time
: 01/724-84-26
Fax: 01/724-84-27
eMail: [EMAIL PROTECTED]
- Original Message -
From: Rich Salz [EMAIL PROTECTED]
To: Uros Gaber - PowerCom [EMAIL PROTECTED]
Cc: OpenSSL [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 2:56 AM
Subject: Re: Creating / verifying certificates
I would like
Hi!
I would like to know
how to create a 128bit server certificate or how to verify it is
128bit...
Thank
you!
Uro¹ GaberPowerCom Gaber Globoènik
d.n.o.http://www.powercom-si.comeMail: [EMAIL PROTECTED]GSM: 040/848-001Fax:
040/848-026Tel: 01/724-84-26Fax: 01/724-84-27
BEGIN:VCARD
I would like to know how to create a 128bit server certificate or how
to verify it is 128bit...
You are confusing the session key (typically RC4) with the certificate
(typically RSA 1024 bit).
You can limit what crypto suites are used. See the ciphers manpage.
--
Zolera Systems, Securing
On Wednesday 25 July 2001 05:55, Jean-Marc Desperrier wrote:
George Staikos wrote:
On Tuesday 24 July 2001 20:26, George Staikos wrote:
I've been noticing many problems with some new certificates which
are being issued by Entrust and Verisign.
Actually I looked it over more
I am new to the openssl library. I am trying to write
a simple program to illustrate how to verify
certificates using the openssl library. I cannot seem
to get the program to work, although I have taken most
of the code from the verify.c file in the apps
directory. I know my certificates
On Tue, Jul 10, 2001 at 12:28:58PM -0700, Michelle T wrote:
I am new to the openssl library. I am trying to write
a simple program to illustrate how to verify
certificates using the openssl library. I cannot seem
to get the program to work, although I have taken most
of the code from the
Thanks for the input. I forgot to mention that the
error I receive is certificate signature failure. I
will look back through the archives and at the man
page you suggested to see if I can find any clues.
--- Lutz Jaenicke [EMAIL PROTECTED]
wrote:
On Tue, Jul 10, 2001 at 12:28:58PM -0700,
Michelle T wrote:
Thanks for the input. I forgot to mention that the
error I receive is certificate signature failure. I
will look back through the archives and at the man
page you suggested to see if I can find any clues.
Hint: try the FAQ first.
Steve.
--
Dr Stephen N. Henson.
Hi, I am running openssl 0.9.6a on a SunOS2.6 machine.
I installed like so:
./config
make
make test
make install
my problem is, it doesn't seem to be able to verify *any* signed
certificates.
here is an example output from
bin/openssl s_client -host rsaonline.rsasecurity.com -port 443
From: Chris Drumgoole [EMAIL PROTECTED]
You have misunderstood how verification is done. What you need to
tell s_server is what issuers you trust by pointing out a store with
their certificates (a PEM file). So, you need to get the certificate
for OU=Secure Server Certification Authority,
Bingo. Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Dr Stephen Henson
Sent: Wednesday, March 08, 2000 5:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Verifying Certificates
Mark E. Schoneman wrote:
I'm aware I'm trying to cheat abit here
I'm aware I'm trying to cheat abit here, but here's the problem.
I'm trying to verify certificates via API rather than reading from files.
I have the CA cert in CAx509 and the cert to verify in x509
I use X509_STORE_add_cert it load the CA's cert in the store, thinking
that if finds it there
Mark E. Schoneman wrote:
I'm aware I'm trying to cheat abit here, but here's the problem.
I'm trying to verify certificates via API rather than reading from files.
I have the CA cert in CAx509 and the cert to verify in x509
I use X509_STORE_add_cert it load the CA's cert in the store,
19 matches
Mail list logo