help

1999-08-12 Thread stealth
I do not understand this SSL stuff. I have read SO much and I am more confused than ever. Here is my problem. I own easywebshopping.com. My host is addr.com. They have SSL and a thawte security certificate. When my patrons (at easywebshopping) go to my secure order form, the addr.com security

Certificate server

1999-08-12 Thread CASTELAIN Didier
Hello, Is there a Certificate server in Freeware or for a trial period ? Thanks SYSICOM USWEB/CKS Didier CASTELAIN Consultant Réseau Sécurité à AXA Réassurance 39 rue du Colisée - 75008 Paris - France E-Mail [EMAIL

SSL for OS/2?

1999-08-12 Thread Sturm, Eberhard
I've written a mail program for OS/2. Have I a chance to incorporate SSL? Thank you in advance! /*---*/ /* Eberhard Sturm Tel: +49-251-83-31679 */ /* Universitaetsrechenzentrum Fax:

Explanation on standards

1999-08-12 Thread nino
Hi, I have some problems finding the following in the documentation: -- what is the DSA algorithm, and where is it explained ? Is it a short for LUCDSA (lucas functions instead of exp as in RSA)? -- what is the format NET (ie. -inform NET or -outform NET). I can see that it makes the

MD5

1999-08-12 Thread Carles Xavier Munyoz Baldó
Hello, Is there any MD5 hash function in the openssl library ? How can I use it in a C program (parameters and return values) ? Many thanks. --- CTV-JET Carles Xavier Munyoz Baldó / [EMAIL PROTECTED] http://www.ctv.es/USERS/carles Dpto. Sistemas / System Department Clave pública PGP / PGP public

Re: Certificate server

1999-08-12 Thread Michael Ströder
CASTELAIN Didier wrote: Is there a Certificate server in Freeware or for a trial period ? Have a look at: http://www.openssl.org/related/apps.html Ciao, Michael. __ OpenSSL Project

Re: Using the OpenSSL WITHOUT doing authentication

1999-08-12 Thread Bodo Moeller
David Azari [EMAIL PROTECTED]: I'm having extreme difficulty setting up an SSL connection between client and server when neither specifies a certificate and key file. Actually, the problem seems to be specific to the server. If I tell the server to use a cert and key, via the

Re: ? Connect to https://banking.wellsfargo.com/

1999-08-12 Thread Bodo Moeller
Joshua Chamas [EMAIL PROTECTED]: Does anyone know how to connect to the wellsfargo site at: https://banking.wellsfargo.com/ I've tried with: SSLv2_client_method() SSLv23_client_method() SSLv3_client_method() and nothing. If they're still using the same buggy server as a couple of

MSIE 5.0 certificate lacks of information.

1999-08-12 Thread Erik Heim
Hi ! My self signed SSL-Server certificate works ok with Netscape but MSIE 5.0 says following about the certificate : "This certificate cannot be verified due to a lack of information" I make the certificate with "make certificate TYPE=custom" This will produce 4 files : ca.crt, server.key,

Re: Explanation on standards

1999-08-12 Thread Dr Stephen Henson
nino wrote: Hi, I have some problems finding the following in the documentation: -- what is the DSA algorithm, and where is it explained ? Is it a short for LUCDSA (lucas functions instead of exp as in RSA)? The Digital Signature Algorithm, also called the Digital Signature Standard

Re: help

1999-08-12 Thread Charles Forsythe
You're sending your email to the wrong people. This is a web-server issue. You need to get a certificate for easyshopping.com. addr.com needs to configure their web server so that your certificate is delivered to people who browse easyshopping.com. That's about all you really need to know

Re: Creating Certificates and CA roots.

1999-08-12 Thread Joe Novielli
I'm still unsure about the CA cert? What does this do, how does it fit in? Is this the SAME as a signed certificate which the web server uses? (I don't think so) Which certificate is the one browsers need to install? (ie: the one we need to generate for them) I'm fine with: - generating a

Re: ADH ciphers with SSL_ALLOW_ADH - do they work?

1999-08-12 Thread Vincent Levesque
Hi, Yes, I can use the ADH cipher suites. I'm doing the same thing you do: 1. I compile the library with SSL_ALLOW_ADH 2. I set the cipher suite to include the ADH cipher (which is not enabled by default) I'm also calling "SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);" to disable

Re: Explanation on standards

1999-08-12 Thread William H. Geiger III
In [EMAIL PROTECTED], on 08/12/99 at 12:51 PM, nino [EMAIL PROTECTED] said: -- what is the DSA algorithm, and where is it explained ? Is it a short for LUCDSA (lucas functions instead of exp as in RSA)? DSA is Digital Signature Algorithm which is part of DSS Digital Signature Standard which

Re: ADH ciphers with SSL_ALLOW_ADH - do they work?

1999-08-12 Thread Jeffrey Altman
On Thu, Aug 12, 1999 at 12:00:00AM +, Jeffrey Altman wrote: I am setting the cipher list on both my client and server ADH-DES-CBC3-SHA:ADH-DES-CBC-SHA and then attempt to make a TLSv1 connection and get the following error: [TLS - handshake starting] [TLS -

Re: Using the OpenSSL WITHOUT doing authentication

1999-08-12 Thread Vincent Levesque
Hi, Look at my reply to "ADH ciphers with SSL_ALLOW_ADH - do they work?". I'm new to openssl too so I might not be giving you the best solution there is... I think you have to use anonymous Diffie-Hellman if you don't need any authentication. This cipher suite seems to be disabled by default in

Using openssl safely...

1999-08-12 Thread Vincent Levesque
Hello again, I've seen some discussion about the "dangers" of using the openssl incorrectly but it has left me more confused than before. I'm using openssl because I don't know much about ssl and I want a library to take care of the details. As I understand it the PRNG initializes itself

Re: ADH ciphers with SSL_ALLOW_ADH - do they work?

1999-08-12 Thread Bodo Moeller
On Thu, Aug 12, 1999 at 07:54:22AM -0700, [EMAIL PROTECTED] wrote: This is not secure. The master secret is derived from data transmitted in clear and the premaster secret, which is just the result of the DH exchange, which *can* be influenced by an attacker in a way such that the client

Re: ADH ciphers with SSL_ALLOW_ADH - do they work?

1999-08-12 Thread Bodo Moeller
Jeffrey Altman [EMAIL PROTECTED]: TLS_CHECKSUM_DATA ::= SEQUENCE { authentication-type-pair OCTET_STRING, -- 2 bytes SSLversion INTEGER,-- SSL version number Cipher OCTET_STRING, -- the 3 byte cipher ID Session_ID

Correction (Re: Explanation on standards)

1999-08-12 Thread William H. Geiger III
In [EMAIL PROTECTED], on 08/12/99 at 12:51 PM, nino [EMAIL PROTECTED] said: -- what is the DSA algorithm, and where is it explained ? Is it a short for LUCDSA (lucas functions instead of exp as in RSA)? DSA is Digital Signature Algorithm which is part of DSS Digital Signature Standard which

Re: Explanation on standards

1999-08-12 Thread Michael J. Markowitz
At 12:51 PM 8/12/99 +0200, nino wrote: -- what is the DSA algorithm, and where is it explained ? Is it a short for LUCDSA (lucas functions instead of exp as in RSA)? DSA = (U.S. Federal) Digital Signature Algorithm (FIPS 186-1) See http://csrc.nist.gov/fips/fips1861.pdf -mjm == Michael

Re: ADH ciphers with SSL_ALLOW_ADH - do they work?

1999-08-12 Thread Jeffrey Altman
If you include hashes of the DH *shares*, as opposed to the *result* of the DH exchange, then you avoid the protocol weakness. How would I extract this information from the OpenSSL library? Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2 The Kermit

Re: ? Connect to https://banking.wellsfargo.com/

1999-08-12 Thread Eric J. Schwertfeger
On Wed, 11 Aug 1999, Joshua Chamas wrote: Does anyone know how to connect to the wellsfargo site at: https://banking.wellsfargo.com/ I've tried with: SSLv2_client_method() SSLv23_client_method() SSLv3_client_method() Wells Fargo is using a very old, buggy version of one of the

Re: General questions about Diffie-Hellman

1999-08-12 Thread Dr Stephen Henson
Vincent Levesque wrote: Hello, I've looked around and I'm still a little bit confused about a few details of Diffie-Hellman. (This is not specific to openssl so feel free to ignore me :-). First of all, my "experimentations" seem to show that only the server side needs Diffie-Hellman

Connecting to https web sites [ WAS Connect to https://banking.wellsfargo.com/]

1999-08-12 Thread Joshua Chamas
Bodo Moeller wrote: If they're still using the same buggy server as a couple of months ago, then openssl s_client -ssl2 -bugs -connect banking.wellsfargo.com:443 should work. Look in the s_client source to see what exactly this does (it sets all the bug workaround options). Hey,

Re: Explanation on standards

1999-08-12 Thread Dr Stephen Henson
Michael J. Markowitz wrote: At 01:19 PM 8/12/99 +0100, Dr Stephen Henson wrote: It is a bit more awkward to use than RSA. Like many things, if it wasn't for the RSA patent hardly anyone would use it. I have to publicly disagree with this assessment. [interesting argument deleted]