Im new to all this. What the plan is for me and a friend to make a
webpage with a few different sections. We would like to be able to
update it from one page. A page that would let us choose what section
it will be added to, write the new news or whatever and post it
automatically and making th
Hi,
my name is Hungdan Ly and I just downloaded the Crypt-SSLeay-0.16. I'm running
Perl v5.00502. I got your contact info from the README file. Sorry to
inconvenience you but I need your help. I'm trying to write a perl script that
will go to an https server (let's call it server1.mydomain.
I cannot get openssl
to make without errors. I keep getting "No such file or directory" on the
first 11 file then a cryptlib.o Error 1. I am trying to install SSH
on a Solaris 2.6 box. Any thoughts?
William Pleasants
Qwest Communications
Network Security Engineer
Hi,
I tried to build openssl on my win98se system and
fail each time.
Can i download the binaries somewhere?
Regards,
Paul.
I have been trying to figure this out on my own for the past day or so and am stumped.
I have installed all of the necessary stuff for openssl to compile but I keep getting
these error messages when I configure and make...
./Configure solaris-sparcv8-gcc shared no-threads
JUST A SECTION OF
Hi
I've been trying to edit and rebuild the ASN.1 database using objects.pl. I
am having problems understanding what is going on. As I understand it, the
file to edit is objects.txt, but if I change this file in any way, then
objects.pl no longer works. Can anybody please tell me what I should be
I am trying to create a situation where
either my Microsoft CA is root and openssl is subordinate or vice-versa.
Has anyone successfully done this. I have managed to sign a
subordinate csr from MS with open ssl but I can' figure out how to import
it back. Sorry if this is a duplicate post I hav
the issue. please help me.
-
Download prohibited? No problem. CHAT from any browser, without download.
I apologise for resending, but I got no response, and am really lost
here. Please take a minute to read it.
Yesterday I reinstalled SSL and the Apache. After that the server
responded ok and then went back to the same problem.
>>Previous Post
Hi all,
I am having a weird problem in my si
->Im new to all this. What the plan is for me and a friend to make a
->webpage with a few different sections. We would like to be able to
->update it from one page. A page that would let us choose what section
->it will be added to, write the new news or whatever and post it
->automatically and
sir,
I tried so many times and in so many ways to write
the client/server
applications ON Linux system.But none of them worked
out well.
I even tried the client/server programs that are given
in the "/apps" directory of Openssl.
So iam requesting you to send me an CLIENT/SERVER
application that
hi,
You know that OpenSSL supports DES for encryption of
data.So if you want to establish a communication link
between client & server then you must use a secret
key.
Now my question is,What the certificate contains?
I mean what public keys it contains & for what purpose
they can be used?
Could
Dear Admin
I have a long question.
I got an error message during update openssl. The error message is like this
-
root@proxy imsi]# rpm -Uvh openssl-0.9.6-9.i386.rpm
openssl ##
/sb
I apolozige I'm a newbie. This is my first request and I've gone fairly far
on reading the documentation I have found. I have totally gotten Apache up
on mod_SSL and am trying to get openssl to work. It worksI only have
one stumbing block concerning the -rand functionality.
the details:
L
Salam,
Signing a request has no relation with signing requests.
To do so try what follows:
1/ Request Generation:
openssl req -new -out cert.req
2/ request Signature:
openssl req -ca -config path/openssl.cnf -in cert.req -out cert.pem
path: path to openssl.cnf configuration fil
IMHO it's bad idea to use gcc 3.0 on Solaris now. I had very bad expirience
with it in the past. If it is possible, try gcc 2.95.3.
Aleksey Sanin
Paul Mallary wrote:
>I have been trying to figure this out on my own for the past day or so and am
>stumped. I have installed all of the necessary s
In message <[EMAIL PROTECTED]>
on Mon, 22 Apr 2002 19:16:13 -0700, "Paul Mallary" <[EMAIL PROTECTED]> said:
pmallary> I have been trying to figure this out on my own for the past day or so and
am stumped. I have installed all of the necessary stuff for openssl to compile but I
keep getting the
In message <[EMAIL PROTECTED]> on Mon, 22 Apr 2002 22:38:47 -0700, Aleksey
Sanin <[EMAIL PROTECTED]> said:
aleksey> IMHO it's bad idea to use gcc 3.0 on Solaris now. I had very
aleksey> bad expirience with it in the past. If it is possible, try
aleksey> gcc 2.95.3.
Is that just on Solaris, or
I've tried it on Solaris and Linux. IMHO, in both cases it is not polished
as well as it should be. Probably there exist projects there you have to
use 3.0 because of its new features. But it's not the case for me.
Aleksey.
Richard Levitte - VMS Whacker wrote:
>In message <[EMAIL PROTECTED]>
Aleksey Sanin wrote:
> IMHO it's bad idea to use gcc 3.0 on Solaris now. I had very bad
> expirience
> with it in the past. If it is possible, try gcc 2.95.3.
I've had recently the occasion to compiles openssl 0.9.6 out of the box
without problem with both 2.95.3 and 3.0.3 under Solaris.
But
i have try many times.
i got the same error message.
==
perl Configure VC-WIN32
.\ms\do_nt.bat
nmake -f .\ms\nt.mak
ps .net vc++(vc++ v7)
.
ui_compat.c
cl /Fotmp32\krb5_asn.obj -Iinc32 -Itmp32 /MD /W3 /WX /G5 /Ox /O2
/Ob2 /
Gs0 /GF /Gy
I *think* I understand it now, but any clarification etc. would still be
most appreciated.
Steve
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of steve thornton
Sent: 23 July 2003 10:09
To: [EMAIL PROTECTED]
Subject: Please help
Hi
I've been tryi
On Wed, Jul 23, 2003, steve thornton wrote:
> Hi
>
> I've been trying to edit and rebuild the ASN.1 database using objects.pl. I
> am having problems understanding what is going on. As I understand it, the
> file to edit is objects.txt, but if I change this file in any way, then
> objects.pl no l
PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dr. Stephen Henson
Sent: 23 July 2003 12:36
To: [EMAIL PROTECTED]
Subject: Re: Please help
On Wed, Jul 23, 2003, steve thornton wrote:
> Hi
>
> I've been trying to edit and rebuild the ASN.1 database using objects.pl.
I
> am having pro
On Wed, Jul 23, 2003, steve thornton wrote:
> Yes I've noticed this. Basically I am making an embedded client, and am
> looking for every way possible to reduce code size, and obj_dat is very big.
> I've more or less concluded that it is not worth the trouble, but 24k is
> 24k.
> It surely should
13:52
To: [EMAIL PROTECTED]
Subject: Re: Please help
On Wed, Jul 23, 2003, steve thornton wrote:
> Yes I've noticed this. Basically I am making an embedded client, and am
> looking for every way possible to reduce code size, and obj_dat is very
big.
> I've more or less concluded
Dear all,Thank you very much for this chance. ThanksAll, now I am finishing my paper. The title is TLS.As I know that TLS use SSL to make the communication secure.Can anybody tell me how can SSL make communication secure?I mean that how SSL use in TLS for secure the voip communication\/I do hope an
ib:ssl_rsa.c:607
>
>
> how to resolve the issue. please help me.
Try d2i_RSAPrivateKey() if your buffer has RSA key in DER format.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
__
OpenSSL Project
ng routines:ASN1_ITEM_EX_D2I:nested
> asn1 error:tasn_dec.c:374:Type=RSA
> 29755: error:140B200D:SSL routines:SSL_CTX_use_RSAPrivateKey_ASN1:ASN1
> lib:ssl_rsa.c:607
>
>
> how to resolve the issue. please help me.
Try d2i_RSAPrivateKey() if your buffer
ok i l try that.let me know u ..
Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
> i tried that way, now its generating coredump files.is there any other
> way to solve that issue...
You should use something like that (buf and len has your key):
unsigned char *p;
RSA *rsa = NULL;
p = b
Hello,
> i tried that way, now its generating coredump files.is there any other
> way to solve that issue...
You should use something like that (buf and len has your key):
unsigned char *p;
RSA *rsa = NULL;
p = buf;
if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL){
goto err;
}
if (
:ASN1
> lib:ssl_rsa.c:607
>
>
> how to resolve the issue. please help me.
Try d2i_RSAPrivateKey() if your buffer has RSA key in DER format.
Best regards,
--
Marek Marcola
__
OpenSSL Project http://www.ope
Hello,
> ok i l try that.let me know u ..
You may try something like that (not tested):
int rsa_read_pem(RSA ** rsa, char *buf, int len)
{
BIO *mem;
if ((mem = BIO_new_mem_buf(buf, len)) == NULL) {
goto err;
}
*rsa = PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, NULL);
thank you, its working fine.
Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
> ok i l try that.let me know u ..
You may try something like that (not tested):
int rsa_read_pem(RSA ** rsa, char *buf, int len)
{
BIO *mem;
if ((mem = BIO_new_mem_buf(buf, len)) == NULL) {
goto err;
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
eapo
ola <[EMAIL PROTECTED]>
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing Listopenssl-users@openssl.org
> Automated List Manager [EMAIL PRO
Hi All!
I created an OID section but I'm a little confused
with how to use it. My example...
oid_section = my_oids
[my_oids]
value1 = 1.3.6.1.4.1..1
value2 = 1.3.6.1.4.1..2
value3 = 1.3.6.1.4.1..3
If I specify the -config sample.cnf when creating the
key, request and ce
Jairds wrote:
I am having a weird problem in my site related to SSL.
I can connect from inside the network to the secure pages , so the
certificate is fine. From outside the connections are refused. I have a
monitoring company checking the site and from them I got the following
error message
T
>>This is not an SSL issue. Does your ISP block port 443? The error from
>the monitoring company refers to their own script, not any files on
your
>machine. It simply can't make a connection to your server.
__
I am glad to h
Jairds wrote:
The problem is : I already talked to my provider and they claim not to
block any port. I checked my router and the port is open. If I netstat I
get
tcp0 0 *:https *:*
LISTEN
And, the worst of all. Sometimes it works.
I have no clue at th
Hello,
> > The problem is : I already talked to my provider and they claim not to
> > block any port. I checked my router and the port is open. If I netstat I
> > get
> >
> > tcp0 0 *:https *:*
> > LISTEN
> >
> > And, the worst of all. Sometimes it works.
Thanks guys , here it is
www.cliconnect.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jorey Bump
Sent: Wednesday, November 23, 2005 9:33 AM
To: openssl-users@openssl.org
Subject: Re: Resending - Please help
Jairds wrote:
> The problem
On Wed, Nov 23, 2005 at 10:13:05AM -0800, Jairds wrote:
> www.cliconnect.com
>
Perhaps shawcable rate limits connections to your system...
$ openssl s_client -connect 24.71.57.40:443
CONNECTED(0003)
depth=1 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust
External CA Root
Hello all. I am brand new to OpenSSL and I'm hoping that one of you can
point me towards some (current) sample code or another appropriate resource.
I am working on a project with a rapidly-approaching deadline, so I don't
have a lot of time to search through the actual OpenSSL source trying to
l
Check out the demo apps directory...
;>
> Hello all. I am brand new to OpenSSL and I'm hoping that one of you
can
> point me towards some (current) sample code or another appropriate
resource.
> I am working on a project with a rapidly-approaching deadline, so I
don't
> have a lot of time to s
hi Douglas,
Thanks for your valuable information.
I,Mr.Radhakrishna-presently working on SSL field,have
installed "openssl" security software on the Linux
network.Now i want to send the information from one
system to another system using "openssl API
functions".It is first time for me to work on
Hi,
in short:
using SSL you have two parts of encryption:
first a public/secret key system (asymmetric cryptographie) is used to
establish a connection and to agree for a common secret key.
When both parties have agreed to that common secret key (which is, in
short, encrypted with the public keys
Hi, I'm a beginner programmer and I have been dropped into a big
cryptographic project. My boss went away, and told me what to do still he
comes back.
I have to do the following things in C:
-generate an RSA key pair
-write it out in a file in DER or PEM format
I tryed the following code:
#incl
l.c(369):
Random input /dev/urandom(1024) -> 1024[Tue Feb 20 16:01:29 2001]
[error] SSL_accept failed[Tue Feb 20 16:01:29 2001] [error]
error:140890B0:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificates
returned
what is wrong? i use netscape 4.75
please help
christoph hubmann
e is a specific direction on achieving
that... like:
1. how to use the provided OpenSSL crypto API?
2. any settings on VC++ 6.0 for that?
3. any library (.LIB) needed?
etc.
Please help.
Thanks.
__
OpenSSL Project
Title: ??: Please Help: Crypto library with Visual C++
Hi,
Thanks
for your reply. I have tried, still the memory leak problem happens
:)
and
the whole application crashes
my
code is like this:
BIO *bio, *b64; BIO
*bio_out; char inbuf[128]; int
inlen; b64 = BIO_new(BIO_f_base64
Title: ??: Please Help: Crypto library with Visual C++
HI :D
Sorry to bother you again.
I
think I have found the reason :)
it is
because the Project setting is incorrect (thanks for your hints
indeed)
I have
to set the Code Generation (under tag C/C++), the "Use run-time librar
.
Ryan
-Original Message-
From: Valery [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 1:12 AM
To: [EMAIL PROTECTED]
Subject: Please help me!
Hello!
I used the certificate extensions "crlDistributionPoints" in my openssl.cnf
file.
And I faced the following problem.
W
--- Original Message -
From: "Ryan Hurst" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 26, 2001 10:15 PM
Subject: RE: Please help me!
> Valery --
>
> This field in a certificate points to where the issuer will make its
> certificate revocat
, September 27, 2001 1:35 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Please help me!
Hello Ryan!
Thank you very much.
I have added the line in the Certificate Extensions section of my
openssl.cnf file:
crlDistributionPoints=URI:http://cert.vrn.ru/crl/main.crl
and then I made some
On Mon, Mar 17, 2003, luke wrote:
>
> i have try many times.
> i got the same error message.
> ==
> perl Configure VC-WIN32
> .\ms\do_nt.bat
> nmake -f .\ms\nt.mak
>
> ps .net vc++(vc++ v7)
>
> .
> ui_compat.c
> cl /Fotmp32\krb5_asn.obj
Hi ,
I need little help in implementing RFC 5746 on server, as per RFC it is not
very clear on how to tell clients that Server doesn't support renegotiation.
If anybody knows a way to tell clients that server doesn't support
renegotiation , please let me know.
Thanks
Ritesh Rekhi
Here is the relevant code. The problem is in this do_client_loop. I need to read from the server to check if it has closed but when i do this i cannot write to the server again for some reason. How can i rectify this..thanks in advance int do_client_loop(SSL *ssl) { int err, nwritten;
Dear all, Thank you very much for your time. This is my first message in this forum. All, I got error message in minisip command prompt when I tried using TLS (Transport Method = TLS and Network Port = 5061).But, without TLS , I can make a call with minisip. The error message says : A.
On Sat, Oct 21, 2006 at 08:04:01PM -0700, Ferianto siregar wrote:
> Dear all,
>
> Thank you very much for this chance. Thanks
> All, now I am finishing my paper. The title is TLS.
> As I know that TLS use SSL to make the communication secure.
> Can anybody tell me how can SSL make communication se
Hi,
I download openssl-0.9.8g from openssl.org website.
I want to build it using cygwin, so I run command "config" and command
"make" in cygwin.
libssl.a and libcrypt.a all be created.
But, this two lib can not work. Because I need armcc as compiler, not
gcc.
How can I do? I think tha
On Tue, Nov 09, 2004, ray v wrote:
> Hi All!
>
> I created an OID section but I'm a little confused
> with how to use it. My example...
>
> oid_section = my_oids
>
> [my_oids]
> value1 = 1.3.6.1.4.1..1
> value2 = 1.3.6.1.4.1..2
> value3 = 1.3.6.1.4.1..3
>
>
> If I spec
Thanks Dr. Henson
The link you sent was the one I used to base my
current configuration on. Its enivitable but I have a
few more questions below.
--- "Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote:
> On Tue, Nov 09, 2004, ray v wrote:
>
> > Hi All!
> >
> > I created an OID section but I'm a li
On Tue, Nov 09, 2004, ray v wrote:
> Thanks Dr. Henson
>
> Ok this might be a sad indicator about my skill
> regarding this matter. Autoconfig is?
>
Its a mechanism where compliant OpenSSL applications can load various
configuration related options from a text file. Currently this includes new
That makes a great deal more sense!
My company is interested in generating certificates
that will only be used in house. We want to add four
new fields that can be read by in house application.
The purpose of doing this is mainly tracking.
If I understand what you've said I can choose any OID
and
On Tue, Nov 09, 2004, ray v wrote:
>
> I think the the reason why I can get the new OIDs to
> work is that I'm using the -config my.cnf when making
> the request myself. This would indicate as you've
> already said, I've got my OIDs in the wrong place.
>
> The question where can my new OIDs be p
you for your time and considerationI would be grateful to you if you would help me out as i am spending a lot of time on understanding this.
Please help me out.
Thanks,
vv
I just had the same problem today. I fixed it but I dont know exactly
what I did that made it work. I checked the hostname -f and it gave me
an alias at first, try hostname -vf and lookfor h_name=`...'. Even if
your using a vhost you should use your regular host name in the csr.
Good Luck!
Barry
At 10:08 AM 8/16/99 -0400, you wrote:
>Hello all. I am brand new to OpenSSL and I'm hoping that one of you can
>point me towards some (current) sample code or another appropriate resource.
>I am working on a project with a rapidly-approaching deadline, so I don't
>have a lot of time to search thr
Hello!
> It is first time for me to work on your
> "openssl" security software.So iam requesting you to
> send me the testing program(for client&server)in "C"
> which uses your"openssl API"functions of C
> language.when i run that (the program that you are
> going to send )programs(client program
I've
read the docs. I've seen the source. I still don't totally
understand.
I'm
trying to be a good doobie and use the High-level EVP_ functions for my RC4,
RC2, and DES
calls. But what about setting up the key? If I'm
doing password based stuff do I need to use \
EVP_BytesToKey ?? or
Oh dear, sounds like you're in a right pickle.
Don't forget to call this first:
SSLeay_add_all_algorithms();
It fills out some structures in SSL library that may be the cause of
your problems (I had the same problems as you, and this fixed it, after
much debugging).
There's no need to call RSA
16:01:29 2001] [error] SSL_accept failed
> [Tue Feb 20 16:01:29 2001] [error] error:140890B0:SSL
> routines:SSL3_GET_CLIENT_C
> ERTIFICATE:no certificates returned what is wrong? i use netscape
> 4.75 please help christoph hubmann
--
Jorge Olmos Forés
___
t;
>
>and i install
>But that added user certification
>
>
>
>
>How create intermediation CA(?) ?
>i want install intermediation CA(?)
>but i don't know
>I want openssl sample command that create down issue!
>Please help me!
ÖÂ
Àñ
Title: ??: Please Help: Crypto library with Visual C++
oh
when application crash .. it normally beacause link mfc lib
problem
you
may try use mfc in shared dll or mfc in static dll
it
may ok..
as
for memory leak ..
begin ..
OpenSSL_add_all_algorithms(); SSL_load_error_strings
Title: Message
No matter what I do,
I can't seem to connect via https.
I keep getting the
error:
[Wed Oct 17 07:02:10
2001] [error] [client 66.65.3.10] Invalid method in requestt From what
I have read, this means that I am trying to talk https on a port that only
speaks http.
I have tri
Hi there,
The problem that I encountered was with a call to ERR_get_error_line_data(),
and has not yet been solved. I was not encountering any memory leaks
with SSL_connect(). We are using OpenSSL V 0.9.6b currently, we plan
to upgrade in the near future.
When creating an SSL*, I tend to do the
I am trying to set up openSSL 0.9.7c on Pocket PC 2002 (WCE 3.0).
After completing confgiure, namake, etc
There were some error messages during testing (..\ms\testce at test enc
stage).
First error:
"cemkdir: failed to create directory 183"
Second error is:
at test enc stage it stops and exit
Hello,
I am trying to install OpenSSL-0.9.8k. I currently have OpenSSL-0.9.8.602.
Do I need to remove my older version before I install the new version?
Also, I ran a ./config --prefix=/usr/opt/OpenSSL, which came back with NO
error. Then when I ran make it gives me the following error:
cc: unr
On Sun, Jul 03, 2011, Ritesh Rekhi wrote:
> Hi ,
>
> I need little help in implementing RFC 5746 on server, as per RFC it is not
> very clear on how to tell clients that Server doesn't support renegotiation.
>
> If anybody knows a way to tell clients that server doesn't support
> renegotiation
Looks like I have not understood your problem.
Why do you have to do an SSL_read() to figure out if
it has closed? SSL_write() will fail it the other side
closes...
--- michael Dorrian <[EMAIL PROTECTED]> wrote:
> Here is the relevant code. The problem is in this
> do_client_loop. I need to rea
yeah you would think that but it doesnt for some strange reason.Girish Venkatachalam <[EMAIL PROTECTED]> wrote: Looks like I have not understood your problem. Why do you have to do an SSL_read() to figure out ifit has closed? SSL_write() will fail it the other sidecloses...--- michael Dorrian <[EM
Hello,
> Dear all,
>
> Thank you very much for your time. This is my first message in this
> forum.
>
> All, I got error message in minisip command prompt when I tried using
> TLS (Transport Method = TLS and Network Port = 5061).But, without
> TLS , I can make a call with minisip.
> The error m
On 05/10/2006, at 4:49 AM, Marek Marcola wrote:
Hello,
Dear all,
...
tls_tcpconn_init: Setting in ACCEPT mode (server)
11(5927) tcpconn_add: hashes: 835, 11
11(5927) handle_new_connect: new connection: 0x422d88f0 24 flags:
0002
11(5927) send2child: to tcp child 0 7(5919), 0x422d88f0
7(591
Hello,
> >>
> >> What`s wrong? How to solve the error "SSL3_GET_RECORD:wrong version
> >> number" and "SSL: connect failed"?
> >> From server side, you may get this error when:
> > - server is setup to SSL/TLS and client is connecting in plain mode,
> > for example:
> > $ telnet some_server 4
I have sent this before and got no answers, It may look simple, but It's
not. Please give me some ideas, or at least if there's someone who has
installed on HP-UX 11.0 with no problems, tellme what C compiler do you
have or if you did something more besides de quick installation
instructions.
Hi
I am facing a problem in compiling the openssl -0.9.7g version. I am using PERL to compile this. The following are the steps I am following in the compilation:
1) Type perl Configure no-idea no-mdc2 no-rc5 no-rc2 no-rc4 VC-WIN32
2) Type ms\do_nasm
3) Type "nmake -f ms\ntd
On Tue, Aug 16, 2005, varma d wrote:
>
> But, In this command what is the purpose of OCSPServer.pem, i still dont
> understand the purpose of OCSPServer.pem as we need to just send our request
> and expect a response from OCSP responder irrespective of OCSPServer.pemfile.
>
This is an issue o
Hi,
Is the following command for requesting OCSP status using openSSL is correct?
1) "ocsp -url http://ocsp.openvalidation.org -issuer ROOT_CA.pem -VAfile OCSPServer.pem -cert User.pem".
If i change above command, BY REMOVING OCSPServer.pem file i am getting status as good but with a message
Hi,
The -Vafile option is used for explicitly trusting the responder certificate of the ocsp serverSo if you omit this option you will get the "unable to get local issuer certificate" error.
To get this command workingopenssl ocsp -url http://ocsp.verisign.com:8080 -issuer ROOT_CA.pem -VAfile OCS
erationI would be grateful to you if you would help me out as i am spending a lot of time on understanding this.
Please help me out.Thanks,vv
__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
URL as http://ocsp.verisign.com, how
> can i get verisign's
> > OCSPServer.pem. Also how can i get
> > latest OCSPServer.pem file for the given URL.
> >
> > 2)I tested by giving latest user certificates
> other than
> > openvalidation.org <http://
od.
> >
> > > (i have taken this command/files from
> >
> openvalidation.org<http://openvalidation.org/>(http://www.openvalidation.org/useserviceopenssl.htm)
> >
> > > )
> > >
> > > But, In this command what is the purpose of
> >
It is the OCSP responder cert. I suppose you already
have that, right? Or you can use this one which will
expire on Sep 15, 2005 though.
-BEGIN CERTIFICATE-
MIID2jCCA0OgAwIBAgIQaVnCDg78Yj+N1V5h9xQh0jANBgkqhkiG9w0BAQUFADCB
lDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE
CxM
Dear Fellow Netizens and OpenSSL Users,
We have been trying to migrate from mod_ssl to openSSL for our latest Apache
installation, and are encountering a number of problems which we'd be grateful
for helpful comments from established users:
1) When we run "[...]/apache/src/make certificate" the
All,
Argghh.. where did my hair go!
I have been trying to configure SSL for use with my current imap server (Cyrus). I
found a couple or reference pages which point to SSLeay (openssl) and stunnel which
would allow me to configure an SSL environment for Cyrus. If you could please help
wit
> John Castillo wrote:
> built SSLeay0.8.1b
Why are you're using this old version. Upgrade to latest OpenSSL release
from http://www.openssl.org/ .
> Jul 15 17:45:20 phoenix stunnel[12524]: Wrong permissions on
> /usr/local/ssl/certs/stunnel.pem
Since the file stunnel.pem contains a private ke
ver (Cyrus). I
>found a couple or reference pages which point to SSLeay (openssl) and stunnel which
>would allow me to configure an SSL environment for Cyrus. If you could please help
>with some suggestions or explanation of the error messages I'm getting, you're
>awes
C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:662:Expecting: ANY PRIVATE KEY
Please help me
Thank you very much
Ivo MACHULDA
I've been building a small https client & everything has gone quite well.
Now I've been told that I need to include support for client authentication
using a standard x.509 certificate & I am stumped.
Is the certificate just going to be a file? Do I just have to set a path to
it, or is there some
1 - 100 of 222 matches
Mail list logo