Has someone successfully compiled and running mod_ssl with Apache 1.3.12 on
NT?
If so, can you help me?
I can compile and run Apache, and also openssl.
But not together, there's a conflict because Apache is using winsock2.h and
the mod_ssl the old winsock.h.
Then when mod_ssl includes files from
I am a student of china.I am doing a
project of PKI.When I am compiling /usr/local/ssl/apps/x509.c ,a lot of errors
occur:% make gcc -o x509
x509.o -L usr/local/ssl -lcryptold: 0711-317 error:undefined symbol£º
.OpenSSL_add_all_algorithmsld: 0711-317 error:undefined symbol£º
I am a student of china.I am doing a
project of PKI.When I am compiling /usr/local/ssl/apps/x509.c ,a lot of errors
occur:% make gcc -o x509
x509.o -L usr/local/ssl -lcryptold: 0711-317 error:undefined symbol£º
.OpenSSL_add_all_algorithmsld: 0711-317 error:undefined symbol£º
try -L/usr/local/ssl/lib and/or -L/usr/local/lib -lcrypto -lssl
depends on where you installed the openssl libs ...
ÀîÑï wrote:
I am a student of china.I am doing a project of PKI.When I am
compiling /usr/local/ssl/apps/x509.c ,a lot of errors occur:
% make
gcc -o x509
tried to install openssl for licq and ./config worked fine but make
failed as below ( thanks for any help on this ):
[root@dialup-209 openssl-0.9.5a]# make
making all in crypto...
make[1]: Entering directory `/usr/local/openssl-0.9.5a/crypto'
( echo "#ifndef MK1MF_BUILD"; \
echo " /*
here is complete email including the report for install error:
make atttempt then "make report" following.
[root@dialup-209 openssl-0.9.5a]# make
making all in crypto...
make[1]: Entering directory `/usr/local/openssl-0.9.5a/crypto'
( echo "#ifndef MK1MF_BUILD"; \
echo " /*
Hi all!
What's wrong with this program:
- start --
#ifdef __cplusplus
extern "C" {
#endif
#include openssl/bio.h
#ifdef __cplusplus
}
#endif
int main ( int argc, char* argv[] )
{
BIO *bio_err;
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
Milan Durovic wrote:
It crashes when it tries to do 'BIO_printf'.
I suspect BIO module requires some
setup, but I don't know what setup, and there's no documentation.
There is plenty of documentation available, both in the distribution and
on the OpenSSL homepage.
Your specific problem is
[There is no reason to crosspost this to openssl-cvs.]
On Sun, Aug 20, 2000 at 06:45:10AM +0530, Vimalan.G wrote:
OpenSSL self-test report:
OpenSSL version: 0.9.5a
Last change: Make sure _lrotl and _lrotr are only used with
MSVC
Options: no-asm -D_REENTRANT
OS (uname):
i just started the Thawte Server Cert Enrollment process on Thawte's web
pages (https://www.thawte.com/cgi/server/step1.exe). on the first page of
the enrollment process i cut and pasted the Certificate Signing Request.
on the second page of the enrollment i got puzzled by a piece of text
which
Hello everyone,
I am now testing OpenSSL with sample program in openssl-0.9.5a.tar.gz .
These sample doesn't use client certificate.
So, I'd like to change client to send certificate to server.
I added following lines to cli.cpp.
-
#define HOME "./"
#define CERTF
On Mon, Aug 21, 2000 at 12:55:42PM +0300, Marko Asplund wrote:
i'm a bit confused by this message. the common name field in the
certificate signing request is CN=puppa.huuhaa.org. how can it be that
browsers would give name mismatch warnings if the URL used is not
https://puppa.huuhaa.org/?
Hi,
Marko Asplund [SMTP:[EMAIL PROTECTED]] asked:
[...]
i'm a bit confused by this message. the common name field in the
certificate signing request is CN=puppa.huuhaa.org. how can it be that
browsers would give name mismatch warnings if the URL used is not
https://puppa.huuhaa.org/? don't
On Mon, 21 Aug 2000, Lutz Jaenicke wrote:
...
The browsers don't have the slightest idea on the "server name". The only
reliable information is the URL. A hostname being obtained by DNS lookup
may already be faked by someone tampering with your DNS servers (or packets).
A server name sent
From my experience with a Thawte certificate: I could use a
www.something.co.za certificate for
https, simap, spop and some other things as long as the name used by the
program requesting it, was www.something.co.za. The protocol and ports
did not matter at all.
Hope this helps.
Robert
On Mon, Aug 21, 2000 at 03:15:06PM +0300, Marko Asplund wrote:
The browsers don't have the slightest idea on the "server name". The only
reliable information is the URL. A hostname being obtained by DNS lookup
may already be faked by someone tampering with your DNS servers (or packets).
A
hello everyone.
Sorry.
I noticed that this question was FAQ.
I should have used s_client.c and s_server.c sample codes.
then, I have one more question.
I am developping SSL proxy program.
This proxy has following functions.
1) proxy receives client certificate from client (browser).
2) with
I'm having a problem signing a server certificate request from an Oracle web
server. The problem is the organisationname field of the request is coming
in as T61STRING and therefore failing the mandatory o match I've set in my
openssl.cnf file even though it is correct when displayed as plain
The answer to your question is 'yes'. The proxy service if designed
this way would require access to the client's private key.Why not
do what every other proxy service does, just proxy the raw bytes and
let the SSL/TLS connection be end to end through the proxy service.
hello everyone.
In my
way
tar -xvzf
openssl-0.9.5a.tar.gz
tar -xvzf patch-2.5.tar.gz
tar -xvzf apache_1.3.12.tar.Z
tar -xvzf apache_1.3.12+ssl_1.41.tar.gz
and
In openssl-0.9.5a directory
./config
make
make test
make install
and
In patch-2.5 directory
./configure
make
make install
and
On Mon, Aug 21, 2000 at 03:15:06PM +0300, Marko Asplund wrote:
On Mon, 21 Aug 2000, Lutz Jaenicke wrote:
...
The browsers don't have the slightest idea on the "server name". The only
reliable information is the URL. A hostname being obtained by DNS lookup
may already be faked by someone
You are not finding your crypto or ssl libs. Use a -L/usr/local/ssl/lib
or whatever that points directly to the location of the crytpo/ssl libs.
You may have to add a -lgcc depending on your platform.
±èº´°ü wrote:
In my way
tar -xvzf openssl-0.9.5a.tar.gz
tar -xvzf patch-2.5.tar.gz
Is there a way to import a private key (plus certificate) generated with the
genrsa's OpenSSL application to a Windows 2000 Advanced Server machine (with
IIS 5.0).
The problem is we've generated some keys and certs for an Apache + OpenSSL
platform and now we need to move some of the services to
Hi,
just hard to guess it..any example floating around?
thank you,
Vadim
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List
Version is 0.9.5a; RedHat 6.0; using the command line provided on
Thawte.com's site:
./openssl genrsa -rand /dev/urandom -out cart.kloek.com.key 1024
This command has run for over two hours. System stays pegged the whole
time, but operable. Any idea why? Thanks!!!
On Wednesday, August 2, 2000, at 05:08 PM, Michael Tuexen wrote:
Dear opensslers,
has someone compiled openssl compiled on MacOS X DR 4?
Best regards
Michael
Yep. I believe it's included in the Darwin CVS repository (Darwin is the
name for the base OS that Mac OS X sits on). There was
Hi,
Im'm beginner in France but I know read the readme ... ;)
Check the file README.SSL, line 50: you must patch two include file
from openssl (crypt/rand/rand.h and crypto/rand/rand_egd.c) with the file
openssl-0.9.5a-egd.diff
I file-attach this two patched files if you want.
annyonghi kaseyo,
Hello,
I have an SSL client-server application in which the server
authenticates to the client sending its certificate in the SSL handsake,
but the client doesn't authenticates to the server.
Fo my SSL client-server aplication, I need that both authenticates each
other.
Certificate is an attribute that already exists in objects
inetOrgPersonas attribute userCertificate
strongAuthenticationUser as attribute userCertificate
For internet world, suggest you use
objectclass: Top
objectclass: person
objectclass: inetOrgPerson
Signed using a SecureNet
Hi !!!
How can I verify certificates in embedded environment ( files doesn't exist
there ) ?
I cannot load certs from the files but from the internal memory. I would
need the
simplest form for an example:
verify -CAcert CertBufCA CertToVerifyBuf
where -CAcert has the same role as -CAfile.
31 matches
Mail list logo