2nd try,
Thx
Manju
On 17 Oct 2017 3:16 pm, "Manjunath SM" wrote:
Hi All,
Am using openssl-fips-2.0.14 at server side on top of openssl1.0.2K.
Server is operating in FIPS mode(fips mode enabled thru FIPS_mode_set).
Created DSA2048 host key at server which is running in
On Oct 21, 2017, at 11:20 AM, Misaki Miyashita
wrote:
> We encountered a problem using OpenLDAP with OpenSSL when there were more
> than one certificate with the same subject.
>
> Does OpenSSL stop searching for a valid certificate when it finds a
> certificate
Hi,
We encountered a problem using OpenLDAP with OpenSSL when there were
more than one certificate with the same subject.
In our test setup, there were three self-signed certificates with the
same subject, two of which were expired and one was valid.
When the valid certificate is at .0,
They are NOT using a 25519 certificate; it says “key exchange”
From: Codarren Velvindron
Date: Saturday, October 21, 2017 at 9:38 AM
To: Rich Salz , openssl-users
Subject: Re: [openssl-users] Generating CSR based on an x25519
On Sat, Oct 21, 2017 at 9:38 AM, Codarren Velvindron
wrote:
> https://tls13.crypto.mozilla.org is using : The connection to this site is
> encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
> exchange (X25519), and a strong cipher (AES_128_GCM).
https://tls13.crypto.mozilla.org is using : The connection to this site is
encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it possible to generate a CSR through
Ed25519 ?
--
* How would we be able to achieve this? I have read somewhere on a 2016
mail in the archives that it is an "encrypt-only" algorithm and that is not
possible.
X25519 is a key-exchange-only algorithm. Ed25519 is a signing algorithm.
Unlike classic RSA, the signing and the key exchange are
Errata: I meant private key
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
How would we be able to achieve this? I have read somewhere on a 2016 mail
in the archives that it is an "encrypt-only" algorithm and that is not
possible.
But I have found many sites on let's encrypt already using this.
Does anyone know how to do this?
Thanks,
Codarren
--