Re: [openssl-users] Certificate chain validation

https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_use_certificate.html https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_add_extra_chain_cert.html The linked documents didn’t say the APIs must be called on *client* side, and it works fine in my code on both client and server side. I am under the

Re: [openssl-users] EVP_CIPHER_CTX array not compiling

On Sun, Apr 23, 2017 at 9:36 AM, Salz, Rich via openssl-users wrote: >>#define OTEXT_AES_KEY_INIT(ctx, buf) { \ >>EVP_CIPHER_CTX_init(ctx); \ >>EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, buf, ZERO_IV); \ >>} > > Most of the datatypes are

Re: [openssl-users] EVP_CIPHER_CTX array not compiling

>#define OTEXT_AES_KEY_INIT(ctx, buf) { \ >        EVP_CIPHER_CTX_init(ctx); \ >        EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, buf, ZERO_IV); \ >        } Most of the datatypes are now opaque. This means you can't have an EVP_CIPHER_CTX object, but instead a pointer to it. Don't call

[openssl-users] EVP_CIPHER_CTX array not compiling

​Hi, I have a problem with converting my C++ library into OpenSSL v1.1.0. I'm using CentOS 7 and OpenSSL v1.1.0. When I'm trying to use EVP_CIPHER_CTX as an array, my code does not compile. I understand that this is caused by making the structures opaque. The problem is this line

Re: [openssl-users] How do I connect to this server

You should be able to do this using stunnel: see for example https://www.elastic.co/guide/en/cloud/current/tunneling-ssl.html where your telnet commands would be the "client which supports only http". But you can also learn a lot by playing with curl ... > I know that this is a TLS related