> Uri, Greetings!
Hello there! ;-)
> On 8/28/19 6:09 PM, Blumenthal, Uri - 0553 - MITLL wrote:
> > Do you have an ASN.1 definition fit the content of CSR, or are you willing
> > to create one?
>
> For now working with ASN.1.
In that case, I would use one of the available defined standards,
Uri, Greetings!
On 8/28/19 6:09 PM, Blumenthal, Uri - 0553 - MITLL wrote:
Do you have an ASN.1 definition fit the content of CSR, or are you
willing to create one?
For now working with ASN.1.
IMHO, DER would be a pretty good choice, fat better than something
home-brewed and non-standard.
Do you have an ASN.1 definition fit the content of CSR, or are you willing to
create one?
IMHO, DER would be a pretty good choice, fat better than something home-brewed
and non-standard.
Regards,
Uri
Sent from my iPhone
> On Aug 28, 2019, at 17:49, Robert Moskowitz wrote:
>
> CSR is an
CSR is an object in a container that goes over a 'wire'. Sometimes the
wire is very small (BT4) so the container needs to be tightly designed.
It should be a standard, not something totally off the wall. Well I
could do it in CBOR, and probably will at some point, but for now
something
I don't see the point in DER encoding for a CSR – The RA and CA decide the
composition of the cert, based on the rules and CPA that they follow, and
of course any cert issued will be in DER format, and may include reordering
or modified/expanded extensions and key use restrictions. A CSR is
Our server runs with DH key size of 2048 bits and we are trying to make
requests with httparty(https://github.com/jnunemaker/httparty) to a server
that uses DH key size of 1024 bits, i want to now for what reason we are
getting this error SSL_connect returned=1 errno=0 state=error: dh key too
Peter, thank you for the response.
On 8/28/19 10:09 AM, Bowen, Peter wrote:
I think you want RFC 2986 (https://tools.ietf.org/html/rfc2986 ). That is the most
recent "PKCS #10" specification that I have seen and should align with what
`openssl req` creates. Adding '-outform DER' to your
I am writing an Internet Draft that will include transmission of a CSR,
so I need to reference the proper source. No more sloppy, "well it
works...".
Some digging said it is in PKCS#10 - CSR. But I did not stop with that.
A bit more googling lead me to RFC 4211...
When I create a CSR with:
On 28/08/2019 13:46, Dan Heinz wrote:
> We're moving from the 1.0.x branch to the 1.1.1 branch of OpenSSL. When
> building OpenSSL 1.1.1c, I get an error that there is not an enable-tlsext
> configuration parameter. I can't seem to find any information on when or why
> this was removed. Is
Сергей ,
We are aware that we do not handle the fork(2) system call perfectly. My
advice would be to not hold a lock while calling fork(2). OpenSSL, as of
1.1.0, does hold per-process locks itself. The locking callbacks were present
in 1.0.2 and before but are now obsolete.
Even if it
Hello,
I have a question regarding the usage of the master DRBG during the fork
operation. As far as I understand from the source code and articles, during
the fork the library will perform the lock of the master DRBG to obtain the
entropy for public and private DRBG.
However, the library does not
On 27/08/2019 17:24, we...@infotech.de wrote:
> Dear users,
>
> during migration from version 1.0.2s to 1.1.1c we are missing the makro
> ASN1_EX_COMBINE.
>
> It was used to embed a choice in a sequence as follows:
>> ASN1_CHOICE(X509AT_ATTRIBUTE_SET) = {
>> ASN1_SET_OF(X509AT_ATTRIBUTE,
Dear users,
during migration from version 1.0.2s to 1.1.1c we are missing the makro
ASN1_EX_COMBINE.
It was used to embed a choice in a sequence as follows:
ASN1_CHOICE(X509AT_ATTRIBUTE_SET) = {
ASN1_SET_OF(X509AT_ATTRIBUTE, value.set, ASN1_ANY),
ASN1_SIMPLE(X509AT_ATTRIBUTE,
On 23/08/2019 12:54, The Doctor wrote:
>
>
> Found this during the tests
>
> ../test/recipes/20-test_enc.t(Wstat: 256 Tests: 162
> Failed: 1)
> Failed test: 161
> Non-zero exit status: 1
>
>
> What informationh do you require?
>
Please provide the output
14 matches
Mail list logo