Hi All,
Here is the part of the code that was previously developed. The code
successfully extract a public key from some secure server, now I like to
know how to extract the exponent and modules of the public key
(rsa_public_key).
EVP_PKEY *public_key = NULL;
RSA *rsa_public_key =
To: openssl-users@openssl.org
Subject: Newbie questions: extracting public key's exponent and modules.
Hi All,
Here is the part of the code that was previously developed. The code
successfully extract a public key from some secure server, now I like to
know how to extract the exponent and modules
On January 6, 2009 12:20:47 pm Richard Lichvar wrote:
A newbieto OpenSSL here. (Mainly used to using 3rd party authorities.)
Not very good at command line stuff either.
1. Cert request generated from IIS 6 but it is against the default
website with .txt extension. Can a cert be
A newbieto OpenSSL here. (Mainly used to using 3rd party authorities.)
Not very good at command line stuff either.
1. Cert request generated from IIS 6 but it is against the default
website with .txt extension. Can a cert be generated using this request?
2. Used the example in
Much appreciated Endhy.
Garyc
--- Endhy Aziz [EMAIL PROTECTED] wrote:
I wrote :
One of the chapter, Designing With SSL may help
.
Should be :
One of the chapter, Coding With SSL may help
Regards,
--Endhy
See SSL and TLS by Eric Rescorla. It describes SSL protocol completely,
including how to program with SSL. One of the chapter, Designing With SSL
may help you.
--Endhy
I wrote :
One of the chapter, Designing With SSL may help .
Should be :
One of the chapter, Coding With SSL may help
Regards,
--Endhy
Hi,
I downloaded and installed open-ssl on a windows
environment. I then used the openssl application to
start the s_client and s_server.
I ran the client and server with the following
commands. I then attempted to connect my client to the
s_server. I managed to connect to the server but
Hey Mark,
Yep I think your right. Ordered the Network
Security with OpenSSL book.
Thanks,
Garyc
--- Mark [EMAIL PROTECTED] wrote:
Hi,
I downloaded and installed open-ssl on a windows
environment. I then used the openssl application
to
start the s_client and s_server.
I ran the
I believe a PDF is available for free on the Internet. I googled for it a
few weeks ago thinking I would find an abstract of it and instead found the
entire book.
Chaz
On 5/23/07, gary clark [EMAIL PROTECTED] wrote:
Hey Mark,
Yep I think your right. Ordered the Network
Security with OpenSSL
Hey Chas,
You dont happen to know the link. Did a quick search
and just got the pdf with just the first 5 chapters?
Much appreciated,
Garyc
--- Chas. [EMAIL PROTECTED] wrote:
I believe a PDF is available for free on the
Internet. I googled for it a
few weeks ago thinking I would find an
When I get back to my house this evening I will send you the file. Will that
be alright?
Chas.
On 5/23/07, gary clark [EMAIL PROTECTED] wrote:
Hey Chas,
You dont happen to know the link. Did a quick search
and just got the pdf with just the first 5 chapters?
Much appreciated,
Garyc
---
Excellent Chas.
Thanks,
Garyc
--- Chas. [EMAIL PROTECTED] wrote:
When I get back to my house this evening I will send
you the file. Will that
be alright?
Chas.
On 5/23/07, gary clark [EMAIL PROTECTED]
wrote:
Hey Chas,
You dont happen to know the link. Did a quick
search
and
Hello,
I downloaded and installed open-ssl on a windows
environment. I then used the openssl application to
start the s_client and s_server.
I ran the client and server with the following
commands. I then attempted to connect my client to the
s_server. I managed to connect to the server but
I am a newbie with both openssl security in general. So excuse me if my
questions are naive.
1) I have installed openssl sources. In the certs directory,
there are various certificates. I looked at a couple of
them - aol1.pem vsign1.pem.
The vsign1.pem starts with
subject=/C=US/O=VeriSign,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rocky S schrieb:
1) I have installed openssl sources. In the certs directory,
there are various certificates. I looked at a couple of
them - aol1.pem vsign1.pem.
The vsign1.pem starts with
[...]
The aol1.pem directly starts with
Thanks Kyle. I had not been aware of the registration authority
option.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 2:21 p.m.
To: openssl-users@openssl.org
Subject: Re: Newbie questions : 2 issues relating
Title: Message
First some
background.
First issue: I'm
wanting to establishcertificate-driven, IPSec-based authentication and
access on my local LAN. Participants are mainly Windows XP machines (including
some laptops via wireless access points which started this process) and a SUSE
Linux
The Cisco also needs to be exempted from the authenticated domain
members rule, unless you can set its identifying certificate up as
authenticatable to the domain. (You are authenticating against the
Windows 2000 domain, correct?)
There are known issues with restricting access to known machines
I take it that the easiest solution is to establish a
certificate-authenticated VPN instead then?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 11:26 a.m.
To: openssl-users@openssl.org
Subject: Re: Newbie
] On Behalf Of Kyle Hamilton
Sent: Monday, 3 April 2006 11:26 a.m.
To: openssl-users@openssl.org
Subject: Re: Newbie questions : 2 issues relating to interaction between
Linux, Windows 2000 and Cisco.
The Cisco also needs to be exempted from the authenticated domain
members rule, unless you can set
On 4/2/06, Davidson, Brett (Managed Services) [EMAIL PROTECTED] wrote:
I can set the Cisco certificate to authenticate to the W2K domain.
That's reasonably simple.
Deciding what to do about things after that gets a little interesting
but that's another topic... :-)
The anonymous connection
dear all:
i am new to the open ssl library, after a couple of days source code reading,
my understanding is that one can either use bio (come with the open ssl lib) or
standard socket interface to connect ssl protocol to the underlying tcp
protocol, if i would like to use standard socket to
On Sat, Nov 19, 2005, Chong Peng wrote:
dear all:
i am new to the open ssl library, after a couple of days source code
reading, my understanding is that one can either use bio (come with the open
ssl lib) or standard socket interface to connect ssl protocol to the
underlying tcp
, November 19, 2005 1:46 PM
To: openssl-users@openssl.org
Subject: a couple of newbie questions regarding ssl lib
dear all:
i am new to the open ssl library, after a couple of days source code
reading, my understanding is that one can either use bio (come with the open
ssl lib) or standard socket
, 2005 3:46 PM
To: 'openssl-users@openssl.org'
Subject: RE: a couple of newbie questions regarding ssl lib
I'm far from an expert, but your flow below seems mostly right. What you
describe is how we have used SSL in our application. We do not use BIOs for
a number of reasons, one of which is that we
Hi there,
Your second question happens to concern what I'm working on right now.
Sometimes rather than developping an application on top (think layer
architecture) of OpenSSL, you might want to give your application
control over the network access but still use OpenSSL as a security
module
Hello there,
I have some queries in SSL,
[#]. Do I need to sign the certificate from some CAs, before making use of
SSL in local network?
[#]. How does the client verify the server's certificate?
Any help will be highly appreciated.
Thanks
-Rohan
On Tue, Sep 14, 2004, Steve Ankeny wrote:
Here's the commands I used to create my own CA and my own certificate
and key
CA.pl -newca
CA.pl -newreq
CA.pl -signreq
Everything went well (no errors), and I wound up with newcert.pem and
newreq.pem (as well as cacert.pem as expected).
Exactly right!
openssl s_client -CAfile demoCA/cacert -connect server.net:443
This returns no errors.
However, I still get the following when I try to connect from Mozilla.
The connection was refused when trying to contact 192.168.1.103
Stupid me! I was using http://;! It works perfectly with
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Sorry about the html
First of all, I am using Mozilla. I never use IE
What version of Mozilla are you using? If you have a newer version then you
will have an Import button. You select Edit-Preferences-Private
Security-Certificates. Then
Very good suggestions! Thanks
I will not have time to try these until this evening, but I will report
any errors, etc. You guys are the best.
Dr. Stephen Henson wrote:
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Sorry about the html
First of all, I am using Mozilla. I never use IE
What
Here's what I did
Command
Usage
openssl genrsa -des3 -out ca.key 1024
Created key for my own CA
Remained in /etc/ssl
openssl req -new -x509 -days 3650 -key ca.key
-out ca.crt
Created the CA
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Please don't post in HTML.
As to your query. This is much easier if you follow the CA.pl instructions.
Some guides suggest you do all manner of strange and in some cases insecure
things.
You do *not* import the server private key and certificate into
Sorry about the html
First of all, I am using Mozilla. I never use IE
Secondly, every time I try to import the 'server.crt' it complains that
it is not in 'pkcs12' format.
Thirdly, the CA.pl guides are just as confusing as the OpenSSL guides.
I have yet to find a clear-cut description of
I am designing a secure webserver for use in a small company. The
connection must be secure.
My plan is to use SSL/TLS and 'AuthConfig/htpasswd' to make the
connections. I have reviewed various explanations of how to create my
own Certificate Authority and how to create both server and client
Hi Steve,
Here are a couple books that helped me understand SSL and the X.509
security model:
Network Security with OpenSSL, ISBN 059600270X
Planning for PKI, ISBN 0471397024
Joe
On Sep 10, 2004, at 1:17 PM, Steve Ankeny wrote:
I am designing a secure webserver for use in a small company. The
First, as to my previous question: Thanks to Dr Hanson for figuring out my sender
sent a file with an extra data(really a second message) stuck on the end.
I'll cut to the chase: I need to come up with a set of openssl commands that will
decrypt and verify an incoming SMIME message and just
On Wed, Apr 07, 2004, Spencer Yost wrote:
First, as to my previous question: Thanks to Dr Hanson for figuring out my
sender sent a file with an extra data(really a second message) stuck on the
end.
I'll cut to the chase: I need to come up with a set of openssl commands
that will decrypt
Hi
I have some easy (I hope) questions:
I wrote a multithreaded ftp bouncer in c++
So far everything works
But if I use certain ftp clients (for example flashfxp v2.1.923) sometimes
some bytes disappear
And if I transfer a textfile, there is a ? at every lineend
The datafiles are not corrupted
Hi -
I am working on a perl SSL wget type program, and I have a few questions
regarding certificate authentication. I am sorry if these are silly
questions; I have been trying to find documentation for quite some time and
cant seem to find anything. So my questions are, basically, how do I set
Hello,
Many thanks to all who answered my questions. I'm on the way to install ssh.
Best regards,
Serban
On Mon, Nov 01, 1999 at 12:01:59PM +, Pete Chown wrote:
On Fri, Oct 29, 1999 at 02:33:41PM -0100, Serban Udrea wrote:
This mail is mainly focusing on SSLtelnet which I intend to
SSH is nice, but I would also like to build SSL-telnet, and ran into the
same problem. Is anyone maintaining SSL telnet? Has anyone gotten an
SSL-enabled telnet to build against a recent version of OpenSSL?
-Mike Slass
WRQ, Inc.
"Dr. Greg Quinn" wrote:
What about SSH instead?
On Fri,
43 matches
Mail list logo