- After installation and
softlink created -console does not connect
0.9.8 and 1.0.2 versions are not binary compatible. So if your SSH server is
built against the 0.9.8 version and it expects to be loading the libcrypto.so
from that version it will not work against the libcrypto.so from 1.0.2. The
0.9.8 and 1.0.2 versions are not binary compatible. So if your SSH
server is built against the 0.9.8 version and it expects to be loading
the libcrypto.so from that version it will not work against the
libcrypto.so from 1.0.2. The SSH server has to be built against the
1.0.2 version to work with it
Hi,
I have build and installed 1.0.2u version but when I have change below softlink
point to 1.0.2u from 0.9.8, console from putty stopped connecting.
This is something related to openssl.cnf or we need new certs and private keys.
Please help on same or share any documentation on it.
Note - 3.0.
Instead of:
make install
Do:
make install_sw install_ssldirs
Matt
On 15/10/2021 12:56, Armin Novak wrote:
Hi,
I need to deploy custom builds for OpenSSL for some packages I maintain
(flatpak/snap/windows/mac/...)
Most of the build/install time is spent installing the /usr/share/doc
stuff,
Hi,
I need to deploy custom builds for OpenSSL for some packages I maintain
(flatpak/snap/windows/mac/...)
Most of the build/install time is spent installing the /usr/share/doc
stuff, which is not used in that case anyway.
Is there some configuration option to disable this without the need to
tend to stay on LTS
solutions.I do patch weekly.
From: Jan Just Keijser
Sent: Monday, May 31, 2021 8:45 AM
To: Michael McKenney ; openssl-users@openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at
the latest revision for Linux?
Hi,
On 31/05/21
31, 2021 5:55 AM
*To:* Michael McKenney ;
openssl-users@openssl.org
*Subject:* Re: Why can't we get a proper installation method to keep
OpenSSL at the latest revision for Linux?
On 30/05/21 14:05, Michael McKenney wrote:
Why can't we get a proper installation method to keep
cryptology.The OpenSSL
bugs state to upgrade beyond 1.1.1f.
-Original Message-
From: openssl-users On Behalf Of Mauricio
Tavares
Sent: Monday, May 31, 2021 7:45 AM
To: openssl-users@openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at
the l
Keijser
; openssl-users@openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at
the latest revision for Linux?
If you use a supported distro (i.e., one that is not out of life) then the
distro is expected to supply CVE issue fixes in form of updates.
They us
rstanding your
needs and defense in depth. For instance, do you run something like
fail2ban? Do you monitor your logs and network traffic?
>
> From: Jan Just Keijser
> Sent: Monday, May 31, 2021 5:55 AM
> To: Michael McKenney ;
> openssl-users@openssl.org
> Subject: Re: Why can
May 31, 2021 5:55 AM
> To: Michael McKenney ;
> openssl-users@openssl.org
> Subject: Re: Why can't we get a proper installation method to keep
> OpenSSL at the latest revision for Linux?
>
> On 30/05/21 14:05, Michael McKenney wrote:
> > Why can't we get a proper ins
er by apt? Ubuntu 20.04
started with 1.1.1f.My Kali server is mainly used for Try Hack Me
challenges and learn cyber security.
From: Jan Just Keijser
Sent: Monday, May 31, 2021 5:55 AM
To: Michael McKenney ; openssl-users@openssl.org
Subject: Re: Why can't we get a proper installation
On 30/05/21 14:05, Michael McKenney wrote:
Why can't we get a proper installation method to keep OpenSSL at the
latest revision for Linux?
My biggest compliant with Linux is it is so difficult to get best
practice installations for services like OpenSSL. Ubuntu is still on
1.1.1f.
s, Ubuntu has a package changelog.
Cheers, Marian
Am So., 30. Mai 2021 um 14:06 Uhr schrieb Michael McKenney <
mike.mcken...@scsiraidguru.com>:
> Why can't we get a proper installation method to keep OpenSSL at the
> latest revision for Linux?
>
> My biggest compliant with L
Why can't we get a proper installation method to keep OpenSSL at the latest
revision for Linux?
My biggest compliant with Linux is it is so difficult to get best practice
installations for services like OpenSSL. Ubuntu is still on 1.1.1f.I have
been trying to upgrade to 1.1.1k. Op
t;>>>>> 832
>>>>>>>>>>>
>>>>>>>>>>> fstat(3, {st_mode=S_IFREG|0755, st_size=2156240, ...}) = 0
>>>>>>>>>>>
>>>>>>>>>>> mmap(NULL, 3985920, PROT_READ|PROT_EXEC,
>>&g
t;>>>>>
>>>>>>> set_tid_address(0x7f3046806a10) = 47865
>>>>>>>
>>>>>>> set_robust_list(0x7f3046806a20, 24) = 0
>>>>>>>
>>>>>>> rt_sigaction(SIGRTMIN, {sa_hand
>>>>>> rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
>>>>>>
>>>>>> getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024,
>>>>>> rlim_max=RLIM64_INFINITY}) = 0
>>>>>>
>>>>>> --- SIGSEGV {si_si
*Satyam*
>>>>>
>>>>>
>>>>>
>>>>> On Mon, 26 Oct 2020 at 17:50, Dmitry Belyavsky
>>>>> wrote:
>>>>>
>>>>>> Dear Satyam,
>>>>>>
>>>>>> First of all, I
able pointing to freshly built libcrypto/libssl
>>>>>>
>>>>>> I try setting the LD_LIBRARY_PATH but it is still crashing
>>>>>>
>>>>>> *which openssl*
>>>>>>
>>>>>&g
gt;>> total 11M
>>>>>
>>>>> drwxr-xr-x. 2 root root 61 Oct 25 16:27 pkgconfig
>>>>>
>>>>> -rwxr-xr-x. 1 root root 3.3M Oct 26 12:58 libcrypto.so.1.1
>>>>>
>>>>> -rwxr-xr-x. 1 root root 7
t;
>>>>
>>>> *gdb ./openssl core.3370 *
>>>>
>>>>
>>>> GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-119.el7
>>>>
>>>> Copyright (C) 2013 Free Software Foundation, Inc.
>>>>
>>>> License GPLv3+: GNU
quot;show
>>> copying"
>>>
>>> and "show warranty" for details.
>>>
>>> This GDB was configured as "x86_64-redhat-linux-gnu".
>>>
>>> For bug reporting instructions, please see:
>>>
>>> <
al 11, Segmentation fault.
>>
>> #0 0x0041c53d in do_body.isra.3 ()
>>
>> (gdb) bt
>>
>> #0 0x0041c53d in do_body.isra.3 ()
>>
>> (gdb)
>>
>>
>>
>>
>> Thanks
>>
>> Satyam
>>
>>
3 AM Satyam Mehrotra
>> wrote:
>>
>>> Hello,
>>>
>>> Any Suggestions on how this can be done ?
>>> why openssl binary is crashing if i am compiling it with
>>> *-enable-weak-ssl-ciphers
>>> ,* also what is the location of the cras
shing if i am compiling it with
>> *-enable-weak-ssl-ciphers
>> ,* also what is the location of the crash file.
>>
>> Thanks
>> Satyam
>>
>> On Sun, 25 Oct 2020 at 12:57, Satyam Mehrotra
>> wrote:
>>
>>> Hello Everyone,
>>>
>>&
My requirement is to have the SSLv3 and weak ciphers enable with openssl
>> installation .
>> I have a query regarding enabling SSLv3 protocol and weak ciphers with
>> openssl-1.1.1h installation
>>
>> I have followed the below st
oined the openssl users community.
> My requirement is to have the SSLv3 and weak ciphers enable with openssl
> installation .
> I have a query regarding enabling SSLv3 protocol and weak ciphers with
> openssl-1.1.1h installation
>
> I have followed the below steps
>
> 1) *
Hello Everyone,
I have just joined the openssl users community.
My requirement is to have the SSLv3 and weak ciphers enable with openssl
installation .
I have a query regarding enabling SSLv3 protocol and weak ciphers with
openssl-1.1.1h installation
I have followed the below steps
1
Is there anyone meets the same Failure like me? Pls help me.
The installation steps list below.
[birdnofoots@trojan openssl-1.1.1f]$ cat /proc/version
Linux version 4.14.129-bbrplus (root@vultr.guest <mailto:root@vultr.guest>)
(gcc version 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)) #1 S
Is there anyone meets the same Failure like me? Pls help me.
The installation steps list below.
[birdnofoots@trojan openssl-1.1.1f]$ cat /proc/version
Linux version 4.14.129-bbrplus (root@vultr.guest <mailto:root@vultr.guest>)
(gcc version 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)) #1 S
On 05/08/2019 22:53, Dawn Cassara wrote:
> Where would I find the easiest, most comprehensive installation instructions
> for
> Windows 2012 r2?
I assume you mean installation of OpenSSL on that platform!
Installation instructions are here:
https://github.com/openssl/openssl/bl
Perhaps not on an OpenSSL list?You might try stackoverflow.comCharlesSent from
a mobile; please excuse the brevity.
Original message From: Dawn Cassara
Date: 8/5/19 5:53 PM (GMT-05:00) To: openssl-users@openssl.org Subject:
documentation on installation Where would I find
Where would I find the easiest, most comprehensive installation
instructions for Windows 2012 r2?
--
Dawn Cassara
832-224-6826 / 314-332-0279
Houston / St. Louis Reputation Management http://HoustonRepManagement.com
http://StLouisRepManagement.com
Where would I find the easiest, most descriptive and most comprehensive
installation info for Windows 2012 r2 server?
Sent from Mail for Windows 10
Hello,
I am working on a Solaris 11.4 x86 64bit virtual server. There are no specific
applications loaded on it yet. I am preparing it to be a BIND server
eventually.
To that end, I downloaded and installed OpenSSL 1.1.1b so I have the latest and
greatest to work with.
The installation
Is it possible to perform the self tests after an installation? If so,
how do we do it (I'm interested in both 1.0.x and 1.1.x)?
'make test' works from the build directory, and I don't recall seeing
an 'openssl test' command that could work after installation.
I
nssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Thursday, December 11, 2014 12:08 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Using s_client under z/OS installation
A quick look at apps/s_client.c in the 1.0.1j sources suggests that it
[mailto:openssl-users-boun...@openssl.org] On Behalf Of
Savino, Victor
Sent: Thursday, December 11, 2014 10:53
To: 'openssl-users@openssl.org'
Subject: [openssl-users] Using s_client under z/OS installation
I am trying to use the s_client feature to retrieve certificates from other
SMPT servers. Th
I am trying to use the s_client feature to retrieve certificates from other
SMPT servers. The s_client connection works to other z/OS systems, but fails to
any ASCII based mail server. Tracing the connections show that the EHLO goes
out in EBCDIC and the responding server claims unknown command.
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Frederic Nivor
> Sent: Friday, 02 May, 2014 11:18
> To: openssl-users@openssl.org
> Subject: OpenSSL / GnuTLS / Certificate Installation HowTo
>
> I would like to create a TCP c
certificate. So from now, I
don't know how to install and configure everything in order to work
properly:
- from the SSL certificate installation (if I need to),
- how to use GnuTLS in my client/server program with those
certificates (if needed),
- ...
Can somebody explain the all thing p
successful but while i am checking the version it shows error segmenation
fault core dumped. I think that I am not following correct installation
steps.
kindly help me to install openssl1.0.01 in 32 bit and kinldy provide the
installation steps.
Thanks and Regards,
V. Mayilan
as totally successful and faultless by the way.
Regards
Ian
--
From: "Thomas J. Hruska"
Sent: Sunday, February 09, 2014 2:23 PM
To:
Subject: Re: Installation Win32 Borland5.5 openssl-1.0.1f
On 2/9/2014 5:27 AM, Ian Rye wrote:
I am new to
On 2/9/2014 9:18 PM, Gisle Vanem wrote:
"Thomas J. Hruska" wrote:
If this ends up being a bug that won't be fixed, then my
recommendation is to build it against VC++. Borland has two
command-line tools called 'impdef' and 'implib' bundled with their
compiler suite(s) that can take almost any
"Thomas J. Hruska" wrote:
If this ends up being a bug that won't be fixed, then my recommendation
is to build it against VC++. Borland has two command-line tools called
'impdef' and 'implib' bundled with their compiler suite(s) that can take
almost any DLL and generate .def and .lib files th
On 2/9/2014 5:27 AM, Ian Rye wrote:
I am new to the mailing list so please forgive me if this request is
inappropriate.
I have followed the instructions from INSTALL.W32 as follows
Borland C++ builder 5
-
* Configure for building with Borland Builder:
> perl Configure BC
I am new to the mailing list so please forgive me if this request is
inappropriate.
I have followed the instructions from INSTALL.W32 as follows
Borland C++ builder 5
-
* Configure for building with Borland Builder:
> perl Configure BC-32
* Create the appropriate makefil
Dear OpenSSL Team,
Do you have some installation guide/Deployment guide for this product to do a
Private CA server. And how to do a CSR / CRL / Revoke Cert.
Best regards,
Charnchai Sathianpattaratane
Senior Pre-sales Engineer
Enterprise Systems
The Value
Hi Jakob
On Fri, May 24, 2013 at 11:57 AM, Jakob Bohm wrote:
> On 5/24/2013 9:47 AM, keshava jm wrote:
>>
> [snip]
> The intended and proper way to do things is:
>
> 1. The CA creates its own private key, which is kept in a very secure
> place (like a computer with no network connections, rigge
On 5/24/2013 9:47 AM, keshava jm wrote:
Hi,
I have tried to generate self-signed certificates using the openssl.
While generating these certificates the private key is involved during
the certificate signing process by the rootCA.
You are doing it wrong!
1. What is the actual purpose of this
Hi,
I have tried to generate self-signed certificates using the openssl.
While generating these certificates the private key is involved during the
certificate signing process by the rootCA.
1. What is the actual purpose of this private key?
2. why this private key is installed in the client side
AM
To: openssl-users@openssl.org
Subject: facing problem in installation of openssl-0.9.7d
I am having some error when i try to install openssl-0.9.7d.
from the VC++ environment at a prompt when i run this command
> nmake -f ms\ntdll.mak
I get following errors
1 file(s) copied.
_Charles_
FROM: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] ON BEHALF OF Ahmad
SENT: Wednesday, September 26, 2012 2:46 AM
TO: openssl-users@openssl.org
SUBJECT: facing problem in installation of openssl-0.9.7d
I am having some error when i try to
Ahmad
Sent: Wednesday, September 26, 2012 2:46 AM
To: openssl-users@openssl.org
Subject: facing problem in installation of openssl-0.9.7d
I am having some error when i try to install openssl-0.9.7d.
from the VC++ environment at a prompt when i run this command
> nmake -f ms\ntdll.mak
I
I am having some error when i try to install openssl-0.9.7d.
from the VC++ environment at a prompt when i run this command
> nmake -f ms\ntdll.mak
I get following errors
1 file(s) copied.
cl /Fotmp32dll\cryptlib.obj -Iinc32 -Itmp32dll /MD /W3 /WX /G5 /Ox
/O2
/Ob2 /Gs0 /GF /Gy
er
>> the very end of the installation to Copy OpenSSL DLLs to either the
>> Windows
>> system directory or the OpenSSL binaries (c:/OpenSSL/bin) directory. Is
>> there any reason I cannot put it in both places by running the
>> installation
>> twice and choosin
On 5/11/2012 9:00 AM, John wrote:
Hello. When using the Win32 OpenSSL v1.0.1c 16Mb Installer from here
http://slproweb.com/products/Win32OpenSSL.html, I am given the option ner
the very end of the installation to Copy OpenSSL DLLs to either the Windows
system directory or the OpenSSL binaries (c
Hello. When using the Win32 OpenSSL v1.0.1c 16Mb Installer from here
http://slproweb.com/products/Win32OpenSSL.html, I am given the option ner
the very end of the installation to Copy OpenSSL DLLs to either the Windows
system directory or the OpenSSL binaries (c:/OpenSSL/bin) directory. Is
The system I am using is CentOS 5.4, and I am trying to install a
custom openssl with a custom zlib.
The system architecture is x86_64.
I have tried to compile and install openssl versions: 0.9.8m, 0.9.8n and 1.0.0
I have tried zlib versions 1.2.3, 1.2.4, and 1.2.5.
GCC Version: 4.1.2-46
Kernel:
Jonnalagadda
-Original Message-
>From: Kyle Hamilton
>Sent: Jun 26, 2009 2:43 PM
>To: openssl-users@openssl.org
>Subject: Re: Cam separate instances of apache http server use same Open SSL
>installation
>
>Using the same version/copy of OpenSSL isn't going to
th Apache HTTP server 2.0.63 installed.
> this apache HTTP server is connected to TOmcat 5.5.0 where our application
> exists. My scenarion is like this I woul like to use the installed OPen SSL
> 0.9.8i with one more installations of Apache HTTP server 2.0.63 connecting to
> ome m
connecting to ome more
installation of tomcat 5.5.9. Is this possible with OpenSSL? Help on this is
highly appreciated.
Thanks in advance,
Sincerely,
Srinivas Jonnalagadda
__
OpenSSL Project http
On Mon, Mar 02, 2009, Victor Duchovni wrote:
> On Mon, Mar 02, 2009 at 05:36:15PM -0800, Claus Assmann wrote:
> > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > What's the "correct" way to fix this? For now I "hacked" the Makefile
> > to ignore the result of the cp command
On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> On Tue, Mar 03, 2009, Claus Assmann wrote:
> > On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> > > Please try a recent 0.9.8 snapshot, for example:
> > Fails in a different way:
> > PS: patch for Makefile:
> > --- M Tue Mar 3 13:31:48 2
On Tue, Mar 03, 2009, Claus Assmann wrote:
> On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> > On Mon, Mar 02, 2009, Claus Assmann wrote:
>
> > > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > > cannot access fipscanister.o). I found a mail in the archives about
>
> >
On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> On Mon, Mar 02, 2009, Claus Assmann wrote:
> > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > cannot access fipscanister.o). I found a mail in the archives about
> Please try a recent 0.9.8 snapshot, for example:
> ftp://
On Mon, Mar 02, 2009, Claus Assmann wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> after doing that compilation fails because fip
On Mon, Mar 02, 2009 at 05:36:15PM -0800, Claus Assmann wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> after doing that compilati
thank you.
On Mon, Mar 2, 2009 at 8:36 PM, Claus Assmann
> wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> after doing that comp
Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
cannot access fipscanister.o). I found a mail in the archives about
this and applied the patch to disable FIPS (see below). However,
after doing that compilation fails because fips.h is missing:
cc -I. -I.. -I../include -DOPENSSL_
On Mon, Jan 19, 2009, Blasdel, Jerry wrote:
> I had the same problem. I made a change that will make it work but it
> would be good if someone else could verify if the change is necessary.
>
> In the Makefile under the fips directory, where it does the cp -p of the
> fips modules, I had to add t
copied.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Eileen Tan
Sent: Sunday, January 18, 2009 10:06 PM
To: openssl-users@openssl.org
Subject: Installation Problems
Hi,
I'm new to openssl & have recently d
I think you have taken bad version of openSSL
Hi,
I'm new to openssl & have recently downloaded openssl-0.9.8j.tar & had tried
installing it but encountered errors.
I've also installed "libiconv-1.11-sol10-sparc-local.gz" &
"gcc-3.4.6-sol10-sparc-local.gz"
Below are my steps:
# isainfo
sparcv9 sparc
# uname -a
SunOS training2 5.10 Generi
Hi Rajnish,
On Fri, 19 Dec 2008, Kushwaha, Rajnish IN KRG SISL wrote:
> Now we want to communicate with Tomcate 5.5
>
> Note : http://hostName:8079/VYOM/servlet/MainServlet/home this is
> working but https://hostName:8079/VYOM/servlet/MainServlet/home
>
> Not working.
You cannot use HTTP and
Hi,
I am unable to install crypt-SSLeay_0.57 on my machine (Windows).
Could you please help in installing this.
Thanks
Ramu Paloju
Tata Consultancy Services
Mailto: [EMAIL PROTECTED]
Website: http://www.tcs.com
Experience certainty. IT Servi
[EMAIL PROTECTED]
Sent: Tuesday, September 30, 2008 2:32 PM
To: openssl-users@openssl.org
Subject: Re: Installation Steps for OpenSSL on AIX Unix
Hello,
[EMAIL PROTECTED] wrote on 09/30/2008 03:34:28 PM:
> Greetings,
>
> We would like to install the latest stable version of the OpenSSL
ed
> a "tarball" from the official OpenSSL website and opened it up using
Winzip. We cannot find
> any explicit installation instructions for our Unix platform. At least
it is not
> apparent at this point.
If you want to compile your own version of OpenSSL you may try:
(3
I think you are attempting to install from the source code. This installation
is highly platform dependent and varies from platform to platform. Having said
that OpenSSL uses the GNU make system. The basic steps are:
Unzip/untar
Enter new directory
Run ./configure
Run make
Run make install
inzip. We cannot find
any explicit installation instructions for our Unix platform. At least
it is not apparent at this point.
Please advise.
Thank you.
Bob Richardson
Allina Hospitals and Clinics
IS Data Integration - Cloverleaf
Phone: 612-262-0041 CDT
This message contains inform
=/usr/local/openssl-0.9.8e
4) make all test install.
The installation seemed to be successfull.
After this I tried to compile OpenSSH with openssl 0.9.8e,
but script ./configure --with-ssl-dir=/usr/local/openssl-0.9.8e exited with
error:
checking OpenSSL header version... 90805f (OpenSSL 0.9.8e 23
Read the PROBLEMS doc in the distribution; there's a note about this.
There is a bug which is apparently in the toolchain on that platform.
- Ariel
Matthew Maddox wrote:
I am attempting to install OpenSSL 0.9.8h on a Solaris x86 32 bit
virtual machine.
I am able to ./config, make and mak
I am attempting to install OpenSSL 0.9.8h on a Solaris x86 32 bit virtual
machine.
I am able to ./config, make and make install but make test fails.
Here is the error I am receiving:
# make test
testing...
making all in apps...
../util/shlib_wrap.sh ./destest
*** Signal 11 - core dumped
make:
ramme\Microsoft Visual Studio
8\VC\BIN\link.EXE"' : return code
'0x49d'
Stop.
Can someone tell me what i can do to solve this problem?
Cheers,
Kim
--
View this message in context:
http://www.nabble.com/Installation-of-openSSL-tp16586197p16586197.html
Sent from
Hello again,
I replied to this already on the openssl-dev list, although
openssl-users is the more appropriate of the two lists. Please don't
cross-post though. Thanks.
Cheers,
Geoff
On Wed, 2008-03-26 at 17:07 -0400, Azam Syed wrote:
> I loaded openssl 0.9.8g and when I complie Nagios plugin it
I loaded openssl 0.9.8g and when I complie Nagios plugin it says yes
next to openssl, but when I do the make I get the following. I complied
Nagios plugin with "[EMAIL PROTECTED] nagios-plugins-1.4.11]# ./configure
--prefix=/usr/local/nagios/libexec --with-ssl-dir=/usr/local/ssl
--with-libs=-ldl"
Forwarded to OpenSSL-Users for discussion.
Best regards,
Lutz
- Forwarded message from "Francisco E. Salinas" <[EMAIL PROTECTED]> -
From: "Francisco E. Salinas" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Installation issue
Date:
Hi,
I am getting following error while installing openssl-0.9.8e.tar on
Solaris 9. Is this source not meant for this OS.
Where can I find proper code then?
Please assist.
Error:
ld: fatal: file dhparam.o: wrong ELF machine type: EM_386
ld: fatal: File processing errors. No out
On Fri, Sep 28, 2007 at 08:37:12PM +0530, Urjit Gokhale wrote:
> > > > considered as proposition to discussion. Real, secure programming
> should
> > > > be based on existing, well checked protocols (which is possible in
> this
> > > > case).
> > >
> > > The OP was going to embed his CA's private
> > > considered as proposition to discussion. Real, secure programming
should
> > > be based on existing, well checked protocols (which is possible in
this
> > > case).
> >
> > The OP was going to embed his CA's private key in his installer.
>
> The OP was not thinking clearly about key management
Hello,
> > > Now you *are* saying that if you just use something to validate the
> > > certificate, you are safe.
> > >
> > > You and I are in violent agreement, you just don't see it. You
> > > also suggest
> > > setting up an SSL connection that provides everything except
> > > MITM detection.
>
On Thu, Sep 27, 2007 at 11:38:39AM -0700, David Schwartz wrote:
> > considered as proposition to discussion. Real, secure programming should
> > be based on existing, well checked protocols (which is possible in this
> > case).
>
> The OP was going to embed his CA's private key in his installer.
> Hello,
> > Now you *are* saying that if you just use something to validate the
> > certificate, you are safe.
> >
> > You and I are in violent agreement, you just don't see it. You
> > also suggest
> > setting up an SSL connection that provides everything except
> > MITM detection.
> > You then
On Wed, Sep 26, 2007 at 04:28:15PM -0700, David Schwartz wrote:
>
> Victor Duchovni wrote:
>
> > Use a self-signed cert and and a trusted source of peer<->cert or cert
> > fingerprint mappings. The public CA is just one mapping function.
>
> Well then you're going to have to argue with yourself
Hello,
> Now you *are* saying that if you just use something to validate the
> certificate, you are safe.
>
> You and I are in violent agreement, you just don't see it. You also suggest
> setting up an SSL connection that provides everything except MITM detection.
> You then take something from th
Victor Duchovni wrote:
> Use a self-signed cert and and a trusted source of peer<->cert or cert
> fingerprint mappings. The public CA is just one mapping function.
Well then you're going to have to argue with yourself since you said not to
do this two posts ago:
>>>Actually not the certificate,
On Wed, Sep 26, 2007 at 03:58:08PM -0700, David Schwartz wrote:
> I am not enough of an expert to comment for sure on this, but it seems that
> there would be no harm in using the certificate for this purpose. A MITM
> cannot create an SSL session that uses the same certificate as the real
> serve
> On Wed, Sep 26, 2007 at 11:03:21AM +0200, Steffen DETTMER wrote:
>
> > > > So your point is that some property from the original
> > > > certificate (lets say some hash or so) could be included in
> > > > the extra authentication to detect a MITM (or whatever faked)
> > > > certificate? In that
On Wed, Sep 26, 2007 at 11:03:21AM +0200, Steffen DETTMER wrote:
> > > So your point is that some property from the original
> > > certificate (lets say some hash or so) could be included in
> > > the extra authentication to detect a MITM (or whatever faked)
> > > certificate? In that case, SSL w
1 - 100 of 348 matches
Mail list logo