Hi,
I've created a certificate request with openssl and received the
certificate from verisign.
I need to use this certificate with IIS on windows server 2003 but can't
seem to convert the certificate.
Here the message:
openssl x509 -in cert.crt -outform DER -out cert.der
unable to load
On Mon, Dec 19, 2005, Martijn Moret wrote:
Hi,
I've created a certificate request with openssl and received the
certificate from verisign.
I need to use this certificate with IIS on windows server 2003 but can't
seem to convert the certificate.
Here the message:
openssl x509 -in
Hi,
I've created a certificate request with openssl and received the
certificate from verisign.
I need to use this certificate with IIS on windows server 2003 but can't
seem to convert the certificate.
Here the message:
openssl x509 -in cert.crt -outform DER -out cert.der
unable to load
Hello,
I have some questions about shutting down an SSL connection.
I am using TLS for the communication protocol and I am doing the
following to close my SSL socket.
if( (SSL *)NULL != *sslSocket )
{
if( SSL_ST_OK == SSL_state( *sslSocket ) )
{
SSL_shutdown( *sslSocket );
On Mon, Dec 19, 2005 at 11:22:11AM -0500, Perry L. Jones wrote:
I have some questions about shutting down an SSL connection.
The correct use of SSL_shutdown() is described in the SSL_shutdown
manpage. Read the whole thing, and pay specific attention to:
When the application is the
hi,
if i protect the RSA private key with
a password:
is this function part of the RSA algorithm?
how validate the private key if the
password is correct?
thanks for help
jochen
if i protect the RSA private key with a password:
is this function part of the RSA algorithm?
No. The RSA algorithm only case about (i.e., uses) the key itself.
how validate the private key if the password is correct?
Most key-wrapping mechanisms have some (minimal) error checking
Hi,
what can I do to convert a SPKAC request into a PKCS#10 ? After that
will I be able to generate a SPKAC certificate from PKCS#10 request ?
Best regards,
Ivander Greco Júnior
__
OpenSSL Project
Hi Wulf,
The way I did this task is as follows:
1. Open the p7b file in windows xp machine (windows 2000 will also work).
2. Once you open you will see all the certs in the chain.
3. Export each certificate in base 64 format
4. Now you can concatenate the certificates in one file
what can I do to convert a SPKAC request into a PKCS#10 ? After that
will I be able to generate a SPKAC certificate from PKCS#10 request ?
You can't.
SPKAC is a signed pubkey and challenge. PKCS10 is a different
format of self-signed object. You'd have to have the private
key present
HI All,
AS per the man page of SSLdump , SSLDUMP will only support RSA ciphers but when I researched on the net I found that there is a bugfix which fixes this issue through which ssldump can support AES ciphers also.The bug id and description is as follows Bugfix Bugzilla ID#50952 -
Ok, I understand you. But can I generate a PKCS#10 whithout signing ? I
verified the SPKAC' signature as a first step.
Thanks for your help,
Ivander Greco Júnior.
Em Seg, 2005-12-19 às 10:18 -0800, Michael Sierchio escreveu:
what can I do to convert a SPKAC request into a PKCS#10 ?
I am confused.
If SSL_shutdown returns 0 then I need to call SSL_shutdown again? So
would I do something like this on the client side?
/* Client code to close SSL connection */
if( (SSL *)NULL != *sslSocket )
{
if( SSL_ST_OK == SSL_state( *sslSocket ) )
{
status =
Erik Leunissen wrote:
L.S.
Building openssl0.9.8a on Linux, using the following commands:
./config shared
make
failed with the following error message:
gcc -I.. -I../.. -I../../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3
Hello,
I have been working on building a FIPS version of the Openssl libraries to
link with my Windows application. I have succeeded in building the FIPS
version of
the libs and dlls, and have successfully managed to get it to go into FIPS mode.
I have several questions:
1) Regarding the
Rick Jones wrote:
To my untrained eye it looks like a foul-up with the system include
files, or perhaps a change in what is #defined between the inclusion of
ioctl.h and of termio.h.
OK. Is there any direction for me to take in order to cure this (I don't
know what to look for).
Erik Leunissen wrote:
Rick Jones wrote:
To my untrained eye it looks like a foul-up with the system include
files, or perhaps a change in what is #defined between the inclusion
of ioctl.h and of termio.h.
OK. Is there any direction for me to take in order to cure this (I don't
know
Hi, I would just like to ask when, or on what scenarion
do I have to use TLS1 and SSL3?
Thanks!
Sent from the OpenSSL - User forum at Nabble.com:
When to use TLS1 and SSL3
Hi.,
I think that depends on the mode of SSL meaning blocking/non blocking,
If its the latter then you need to select again before calling the
2nd ssl shutdown and check whether the close notify from the peer is
received by checking the ssl_received_shutdown flag. If this flag is not
set, then
Dear list-members,
i'm in need to re-generate a p10-request. The request has
been generated before, but i lost the file. I only have
the public key from
openssl.exe req -noout -pubkey -in REQ -config CFG
, the modulus given from
openssl.exe req -noout -modulus -in REQ -config CFG
and the
Hello All,
I used OpenSSL 0.9.7e on Tru64 Unix 5.1A.I could generate the
Certificate even without /dev/random or /dev/urandom
Or EGD daemons.
But now I am using OpenSSL 0.9.8 in the same environment and I am
getting an error PRNG not seeded.
I would like to know if any changes have been done in
21 matches
Mail list logo
