On Mon, Oct 23, 2017 at 6:47 PM, Kyle Hamilton wrote:
> Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
>
The ones I am aware of are available in
http://tools.ietf.org/html/draft-josefsson-pkix-newcurves.
Jeff
--
openssl-users mailing list
To
Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519?
-Kyle H
On Mon, Oct 23, 2017 at 3:24 PM, Jakob Bohm wrote:
> On 21/10/2017 15:38, Codarren Velvindron wrote:
>>
>> https://tls13.crypto.mozilla.org is using : The connection to this site is
>>
On 21/10/2017 15:38, Codarren Velvindron wrote:
https://tls13.crypto.mozilla.org is using : The connection to this
site is encrypted and authenticated using a strong protocol (TLS 1.3),
a strong key exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it
They are NOT using a 25519 certificate; it says “key exchange”
From: Codarren Velvindron <devild...@gmail.com>
Date: Saturday, October 21, 2017 at 9:38 AM
To: Rich Salz <rs...@akamai.com>, openssl-users <openssl-users@openssl.org>
Subject: Re: [openssl-users] Generating CSR
On Sat, Oct 21, 2017 at 9:38 AM, Codarren Velvindron
wrote:
> https://tls13.crypto.mozilla.org is using : The connection to this site is
> encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
> exchange (X25519), and a strong cipher (AES_128_GCM).
https://tls13.crypto.mozilla.org is using : The connection to this site is
encrypted and authenticated using a strong protocol (TLS 1.3), a strong key
exchange (X25519), and a strong cipher (AES_128_GCM).
Using openssl standard tools is it possible to generate a CSR through
Ed25519 ?
--
* How would we be able to achieve this? I have read somewhere on a 2016
mail in the archives that it is an "encrypt-only" algorithm and that is not
possible.
X25519 is a key-exchange-only algorithm. Ed25519 is a signing algorithm.
Unlike classic RSA, the signing and the key exchange are
Errata: I meant private key
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
How would we be able to achieve this? I have read somewhere on a 2016 mail
in the archives that it is an "encrypt-only" algorithm and that is not
possible.
But I have found many sites on let's encrypt already using this.
Does anyone know how to do this?
Thanks,
Codarren
--
I need to generate a CSR, but OpenSSL always crashes. What am I doing wrong?
c:\GnuWin32\binopenssl genrsa -out switchvox.key 2048
c:\GnuWin32\binopenssl req -new -key switchvox.key -out switchvox.csr
-config ..\share\openssl.cnf
OpenSSL prompts me for the city, state, etc.
I fill
From: owner-openssl-us...@openssl.org On Behalf Of Jesse Keller
Sent: Tuesday, 03 May, 2011 09:17
I need to generate a CSR, but OpenSSL always crashes. What am I
doing wrong?
c:\GnuWin32\binopenssl genrsa -out switchvox.key 2048
c:\GnuWin32\binopenssl req -new
The rpm manager will only update if you install through rpm.
1.5 gb sounds absurd for a csr. Perhaps dump the beginning of
it to see if a particular field is incorrect.
[EMAIL PROTECTED] wrote on 09/11/2008 02:34:04 PM:
I am running Red Hat Enterprise 5.2 with OpenSSL 0.9.8h. The
version of
I am running Red Hat Enterprise 5.2 with OpenSSL 0.9.8h. The version of
OpenSSL available for download from Red Hat Network was out of date so I
downloaded OpenSSL 0.9.8h from openssl.org and did a ./configure, make,
make install. Now, if I do a openssl version, it displays the correct
version,
On Thu, Sep 11, 2008, Fink, David wrote:
My problem is when I generate a csr, the csr file is over 1.5 GB.
Needless to say I think my OpenSSL configuration is screwed up. By the
way I am a noobie if you haven't already guessed.
There is a bug in 0.9.8h which affects certificate request
thanks it is working fine now.
cheers
Rami
On Thu, Feb 21, 2008 at 6:17 PM, [EMAIL PROTECTED] wrote:
Hello,
I want to get the CSR file to purchase an ssl certificate for securing
SMTP on Sendmail,
OS=Redhat ES5 I ran the following:
1. to generate the private key: openssl genrsa -des3
Hi,
I want to get the CSR file to purchase an ssl certificate for securing SMTP
on Sendmail, OS=Redhat ES5 I ran the following:
1. to generate the private key: *openssl genrsa -des3 -out server.key 1024*
then i inserted my passphrase
*2. *to generate CSR: *openssl req -key server.key -out
Hello,
I want to get the CSR file to purchase an ssl certificate for securing
SMTP on Sendmail,
OS=Redhat ES5 I ran the following:
1. to generate the private key: openssl genrsa -des3 -out server.key
1024
then i inserted my passphrase
2. to generate CSR: openssl req -key server.key
Thanks for the concise answer, although I had hoped for something more
reassuring... Unfortunately, implementing a PKCS#11 interface to our
card/applet, as well as writing an ENGINE or a Windows CSP for it, are
all tasks a little out of our time frame for the project. And the
problem seems a
On Sun, Nov 16, 2003, Ñëåïíåâ Âëàäèìèð wrote:
Thanks for the concise answer, although I had hoped for something more
reassuring... Unfortunately, implementing a PKCS#11 interface to our
card/applet, as well as writing an ENGINE or a Windows CSP for it, are
all tasks a little out of our
Can it be done?
thanks
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Hiya,
I'm using ssl0.9.5a on Solaris 8.
I want to create a RSA private key for my Apache server (will be Triple-DES encrypted
and PEM formatted):
But, when I ran the command :
./openssl genrsa -rand -des3 -out server.key 1024
I have the following error :
0 semi-random bytes loaded
You need to have a source for the -rand flag.
My solution was to use egd and create a file of sufficent length full of
random data.
then the command line was:
openssl genrsa -rand file w/random data -des3 1024 server.key
or
openssl genrsa -rand file w/random data -des3 -out server.key 1024
Julio Cesar de Melhado e Lima [EMAIL PROTECTED] writes:
Hiya,
I'm using ssl0.9.5a on Solaris 8.
I want to create a RSA private key for my Apache server (will be Triple-DES encrypted
and PEM formatted):
But, when I ran the command :
./openssl genrsa -rand -des3 -out server.key 1024
Hello,
On 29 Jan 00, at 19:48, Merton Campbell Crockett wrote:
To date, I have not been able to generate a CSR that is acceptable to the
Netscape Certificate Server. All requests are rejected with a "bad DER
encoding" error.
I had the same error message from Navigator with a certificate
Nicolas Aragon wrote:
Hello,
On 29 Jan 00, at 19:48, Merton Campbell Crockett wrote:
To date, I have not been able to generate a CSR that is acceptable to the
Netscape Certificate Server. All requests are rejected with a "bad DER
encoding" error.
I had the same error message
25 matches
Mail list logo