Hi.
openssl ca performs a signature check on the CSR prior to issuing the
certificate. I could not find (I had posted on the list before) anyway to
shut it off, and had to finally add a line to openssl ca to generate a
warning on signature verification failure rather than a fatal error.
Can we
hi,
im using openssl 0.9.5 with SGC.
im facing a problem that IE browser 40-bit (IE4.0 or
IE5.0) can't connect to my web site.
to solve this, i used the cipher group default=
RC4-MD5, so all IE browser can
connect, but for IE browser with 128bit, the SSL
secured has downgrade from 128
bit to 40
Hello!
How I can to create a certificate from the command line?
I want create a certificate, sign it and finally, I want to create
an
x509 store, how i can do it?
Thanks in advance,
Antonio.
--
--
Antonio Ruiz Martnez
Facultad de
Hello, all.
I'd like to generate a 1024-RSA Key Pair from 3 bytes array . Each array
contains public module (n) public exponent (e) and private exponent (d).
And then I'd like print both keys (public and private) in a file , in
PEM-Format. How could I do this?
Thank you very much.
Dear Sir,
I have difficulty in using the private key
of gennerated by win2000 in openssl.When openssl uses the certificate and the
key, a error occurs. I don't know whether the file format of the private key is
correct.I get a certificate coded in DERand a private key.The private key
file
Is there a similar tool for the windows environment ?
It could be handy...
Best regards,
_
Carlos Serro [EMAIL PROTECTED]
http://www.carlos-serrao.com
DCTI - IS/IT Department
Sandipan Gangopadhyay wrote:
Hi.
openssl ca performs a signature check on the CSR prior to issuing the
[...]
the DN that needs to be expanded or modified or marked up by the CA.
[...]
This feature is essential for openssl to implement what Microsoft (and other
commercial CAs) call the
-subj is under the CRL option of openssl ca
(http://www.openssl.org/docs/apps/ca.html#). Can it be used for CA option ?
Please note that my suggestion was to decouple the verification and signing,
and to let openssl ca verify by default.
If -subj cannot be used to override DN in the request,
I'm trying to setup imaps on my server and I'm getting an error when a client
tries to connect.
Apr 12 23:39:58 purple imapsd[1485]: Unable to load certificate from /usr/share/
ssl/certs/imapsd.pem
Apr 12 23:39:58 purple imapsd[1485]: SSL error status: error:02001002:system lib
rary:fopen:No
Hi,
A x509v3 certificate can have more than one CRL Distribution Point
Extensions, in this case is it certain that all the Distribution Points
corresponds to the same CRL.
Thanks
Aslam
__
OpenSSL Project
Hi,
I"m hoping someone could just help my understanding about SSL.
The scenario is a client is purchasing something from an e-commerce site
and submits their credit card info on a form coming from a secure
server. The secure server sends back a confirmation page showing
everything purchased
Hi,
I'm trying to figure out how to add x509v3 extensions
using the openssl x509 utility. The man page mentions
that the -extfile can be used to specify extensions to
be used by a certificate. Looking at the code, it looks
like it parses this as a normal conf file, looking in
the
check out the doc/openssl.txt file.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
- Original Message -
From: "Tim Newsham" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, April 16, 2001 2:35 PM
Subject:
On Mon, Apr 16, 2001 at 02:18:06PM -0500, David Jourard wrote:
Till now I always thought that the SSL was secure in just one direction
from the client to the server since the client browser encrypts the data
with a public key and the server decrypts with a private key; till someone
else
Lutz
I am using MS VC++ 6.0 on Windows 2000 to build the examples.
app_rand.c
s_cb.c
s_client.c
s_socket.c
ssleay32.lib
libeay32.lib
rsaglue.lib
The program compiled after adding app_rand.c to the build but I am getting a
s_client.exe - Application Error: Memory could not be written when I
check out the doc/openssl.txt file.
Thanks, that did the trick. This information should
probably be put in the man page, or at least referenced
by it.
As a quick reference for others, the steps I performed
to get x509v3 fields I needed are to create a config file:
- ext.conf -
Best bet: You are linking against the incorrect c-runtime - use /MD
(multithreaded dll)
Menu: Project...Settings...c/C++ tabCategory: Code GenerationUse
Runtime Library --- Multi-Threaded DLL
Didn't you have to build apps.c as well for a standalone s_client.exe?
You can also grab the
17 matches
Mail list logo