Thanks Michael.
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: September-28-16 2:58 PM
To: openssl-users@openssl.org
Subject: [Newsletter] Re: [openssl-users] cipher suite list
Ivan Ristic's free OpenSSL Cookbook has a long section on cipher
Thanks for the pointers.
As for the silly disclaimer I have no control over adding it or not. My company
must append it to the email when it sends it. :)
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Salz, Rich
Sent: September-28-16 1:29 PM
To:
Hi, being somewhat of a newb to the security I thought I would ask the security
community about the current best practices/guidelines for configuring the list
of cipher suites that I should use in my client app. It seems like some cipher
suites fall out of favour over time and I would like to
...@openssl.org] On Behalf Of Dr.
Stephen Henson
Sent: July-21-16 10:34 AM
To: openssl-users@openssl.org
Subject: [Newsletter] Re: [openssl-users] Same openssl app behaves differently
depending on platform
On Thu, Jul 21, 2016, Carl Heyendal wrote:
> I have an app that uses openssl to connect to a ser
I have an app that uses openssl to connect to a server on a different machine.
In one case on my Ubuntu machine the app has no problem getting a secure
connection. But when I recompile the same app for an embedded target board and
run it I get this error:
# ./client3 192.168.1.99
Enter PEM
_CERT_LOCALLY indicates that an otherwise valid
cert has been processed, but the issuer is unknown.
X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT indicates that a self-signed cert was
read. Any other return value is a fatal error (signature failure etc).
Matthew
On 1 July 2016 at 05:34, Carl Heyendal
", SSL_FILETYPE_PEM)
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
And also I used the openssl verify command to double check the certificate
against itself (not sure if this really does a
