Verify certificate with RSA-PSS

2010-11-03 Thread Alexei Soloview
Hello! I have read earlier messages about support of RSA-PSS, but I'm confused. I'm trying to verify a certificate that is signed using RSA-PSS. OpenSSL version is 1.0.0a. == X509_STORE_CTX cert_ctx;

Re: Verify certificate with RSA-PSS

2010-11-03 Thread Dr. Stephen Henson
On Wed, Nov 03, 2010, Alexei Soloview wrote: Hello! I have read earlier messages about support of RSA-PSS, but I'm confused. I'm trying to verify a certificate that is signed using RSA-PSS. OpenSSL version is 1.0.0a. PSS certificate signatures are not supported in OpenSSL 1.0.0a. Currently

Re: SSL_connect and SSL_accept deadlock!

2010-11-03 Thread David Schwartz
On 11/2/2010 6:25 PM, Md Lazreg wrote: r=select(m_sock_fd + 1, fds, 0, 0, ptv); if (r = 0 (Errno == EAGAIN || Errno == EINTR))/*if we timed out with EAGAIN try again*/ { r = 1; } This code is broken. If 'select' returns zero, checking errno is

how to compile for mips64-octeon-linux-gnu?

2010-11-03 Thread Naama Bar Menachem
Hi I need to cross-compile openSSL when my host is i686-pc-linux-gnu and the target is mips64-octeon-linux-gnu? On the ./Configure options I don't see any matching platform Thank you Naaama Bar-Menachem Software Engineer, RD

Copy of an x509_store variable

2010-11-03 Thread fatma sarhan
Hi, I want to copy an x509_store variable into another one which has the same type (x509_store). Is there a method like (memcopy in c++) which copies from x509_store to x509_store? Thanks. -- Amicalement Fatma

openssl verify fails

2010-11-03 Thread Michael Ströder
Hi! I'm feeling dumb since this simple command fails and I cannot see why: $ openssl verify -CAfile rootcacert.pem subcacert.pem subcacert.pem: C = DE, O = SCA Deutsche Post Com GmbH, CN = Signtrust CERT Root CA 1:PN error 2 at 1 depth lookup:unable to get issuer certificate I've attached the

RE: openssl verify fails

2010-11-03 Thread Erik Tkal
Hi Michael, Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile. Erik

Re: how to compile for mips64-octeon-linux-gnu?

2010-11-03 Thread Dr. Stephen Henson
On Wed, Nov 03, 2010, Naama Bar Menachem wrote: Hi I need to cross-compile openSSL when my host is i686-pc-linux-gnu and the target is mips64-octeon-linux-gnu? On the ./Configure options I don't see any matching platform You can set the environment variables MACHINE, RELEASE, SYSTEM

Re: openssl verify fails

2010-11-03 Thread Bruce Stephens
Erik Tkal et...@juniper.net writes: Hi Michael, Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your

Re: SSL_connect and SSL_accept deadlock!

2010-11-03 Thread Jeffrey Walton
On Wed, Nov 3, 2010 at 9:12 AM, David Schwartz dav...@webmaster.com wrote: On 11/2/2010 6:25 PM, Md Lazreg wrote: r=select(m_sock_fd + 1, fds, 0, 0, ptv); if (r = 0 (Errno == EAGAIN || Errno == EINTR))/*if we timed out with EAGAIN try again*/ { r = 1;

RE: openssl verify fails

2010-11-03 Thread Erik Tkal
Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say It is an error if the whole chain cannot be built up. Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-us...@openssl.org

Re: openssl verify fails

2010-11-03 Thread Dr. Stephen Henson
On Wed, Nov 03, 2010, Bruce Stephens wrote: Erik Tkal et...@juniper.net writes: Hi Michael, Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email.

Re: openssl verify fails

2010-11-03 Thread Michael Ströder
Erik Tkal wrote: Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile. Shouldn't it be possible to

Re: openssl verify fails

2010-11-03 Thread Bruce Stephens
Erik Tkal et...@juniper.net writes: Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say It is an error if the whole chain cannot be built up. Maybe, but I think it's just as reasonable to regard it as a bug in the docs. I think it's useful for verify to be able to verify chains

Re: openssl verify fails

2010-11-03 Thread Michael Ströder
Bruce Stephens wrote: Erik Tkal et...@juniper.net writes: Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say It is an error if the whole chain cannot be built up. Maybe, but I think it's just as reasonable to regard it as a bug in the docs. I think it's useful for verify to

Re: openssl verify fails

2010-11-03 Thread Bruce Stephens
Dr. Stephen Henson st...@openssl.org writes: [...] Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected error here. No, it's Debian's 0.9.8o-2. [...]

RE: B64_read_PKCS7 : Anyone modified the base64 reader to be more forgiving?

2010-11-03 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Harakiri Sent: Tuesday, 02 November, 2010 10:06 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL) Output doesn't generate (any) linebreaks. Input doesn't REQUIRE them every 80, but does ALLOW them anywhere. Sorry, but it looks like I misled

Can the FIPS-capable OpenSSL be used in multi-threaded applications?

2010-11-03 Thread Bill Durant
Hello, Does anyone know if the latest FIPS-capable OpenSSL can be used safely by multi-threaded applications? I have read the various FIPS-related docs for OpenSSL and did not see any mention of thread support. Per http://www.openssl.org/docs/crypto/threads.html, I understand that the

mttest with a FIPS-capable OpenSSL

2010-11-03 Thread Bill Durant
Hello, Does anyone know if mttest (crypto/threads/mttest.c) works with a FIPS-capable OpenSSL? I am trying it on Mac OS X 10.5.8. I am not sure if the test results are expected or not. Am I running or building mttest incorrectly? Here are the details: $ sw_vers ProductName:Mac OS