Forwarded to openssl-users for public discussion.
Best regards,
Lutz
- Forwarded message from Victor Yepez yepez.vic...@gmail.com -
Date: Tue, 24 Mar 2009 17:31:55 -0430
From: Victor Yepez yepez.vic...@gmail.com
Subject: How to disable SSL
To: r...@openssl.org
User-Agent:
Hello !
I have a problem with SAFARI 3+4 under windows connecting to a website using
SSL (self signed and trial cert from rapdissl). If i connect i get SSL
Failure error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad
record mac in my log files.
Now it seems this error belongs to
I need some help in knowing how can I modify the openssl so that
openssl commands like openssl s_client/s_server which I am using to
test the ssl server/clients will start using a modified values for max
record size, session id etc e.g. session id limit currently is 32 if I
want to try out
Hello, when I use the Openssl 0.9.8 i, I use the command ec,but it’s
tell me that ec is an invalid command.
I don’t know why?
I use the commands “./config ”,”make ””make test” “make install” to install the
openssl ,but I find the “no-ec” is a default option, so I can’t use the ec
Hi!
In my centos5.2 system, I have already installed
openssl_0.9.8b-10.el5_2.1.rpm package.
But when I try to make a CA server, the crl.pem could no be made by me,
prompted like below:
[r...@cncips ~]# openssl ca -gencrl -out crl.pem
Using configuration from /etc/pki/tls/openssl.cnf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [25-Mar-2009]
Three moderate severity security flaws have been fixed in OpenSSL 0.9.8k.
ASN1 printing crash
===
The function ASN1_STRING_print_ex() when used to print a BMPString or
UniversalString will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 0.9.8k released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8k of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 0.9.8k released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8k of our open source
Hi,
Ok. I ran the fips_test_suite.exe and checked for the system information. I
have 2 situations.
1. One of the system does not support FIPS mode operation. It's an AMD Athlon
XP which does not support SSE2. Hence I built Openssl dlls using no-sse2 flag.
Even after using these new dlls I am
On Wed, Mar 25, 2009, Uma G. Nayak wrote:
Hi,
Ok. I ran the fips_test_suite.exe and checked for the system information. I
have 2 situations.
1. One of the system does not support FIPS mode operation. It's an AMD Athlon
XP which does not support SSE2. Hence I built Openssl dlls using
Oh!! But it did not throw any errors. Will try with no-asm option.
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Wednesday, March 25, 2009 6:37 PM
To: openssl-users@openssl.org
Subject: Re: Server
On Wed March 25 2009, Uma G. Nayak wrote:
Hi,
Ok. I ran the fips_test_suite.exe and checked for the system information. I
have 2 situations.
You have had a reply for your #1 case - you should be able to make progress on
that one.
Your #2 case - you are correct, a P-IV does SSE2 very well
I used no-asm while building Openssl in the steps I mentioned earlier. But the
server still gives the 'unsupported platform' error.
Is it that AMD processors don't support FIPS at all?
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On
That would be something in the code along the lines of:
SSL_CTX_set_cipher_list(ctx, HIGH);
(See also the SSL_CTX_set_cipher_list/SSL_set_cipher_list man page.
In the code, there's defines for most groupings as SSL_TXT_* #defines;
see for the internals: ssl.h / ssl_ciph.c / s3_lib.c)
On Wed,
Hi, I am trying to compile openssl sources on OpenBSD4.3.
I got the following error:
encode.c: In function `EVP_DecodeUpdate`:
encode.c:357: internal compiler error: Segmentation fault.
I have a complete fresh installation of OpenBSD. I don't know if the problem
is related to OpenSSL or
The problem was related to my virtualisation environnement (virtualbox).
No problem with OpenSSL...
No problem with OpenBSD...
Cyanure wrote:
Hi, I am trying to compile openssl sources on OpenBSD4.3.
I got the following error:
encode.c: In function `EVP_DecodeUpdate`:
encode.c:357:
Still no luck :(. Is it that FIPS mode doesnt work on AMD processors? In the
Security Policy pdf at https://www.openssl.org/docs/fips/SecurityPolicy-1.2.pdf
8 platforms on which the Module was tested are listed:
U1 Linux x86 no-asm Linux.2.6.18_i686_gcc-4.1.2 (OpenSuSE 10.2) no-asm
U2 Linux
On Thu, Mar 26, 2009, Uma G. Nayak wrote:
Still no luck :(. Is it that FIPS mode doesnt work on AMD processors? In the
Security Policy pdf at
https://www.openssl.org/docs/fips/SecurityPolicy-1.2.pdf 8 platforms on
which the Module was tested are listed:
U1 Linux x86 no-asm
Umm... the CHANGES file linked refers to changes from 0.9.8k to
0.9.9, and I have to scroll down 752 lines to get to:
Changes between 0.9.8j and 0.9.8k [xx XXX ]
*) Add 2.5.4.* OIDs
[Ilya O. vrgh...@gmail.com]
I assume that the xx XXX should refer to 25 Mar 2009?
Thanks for
Is this new release openssl 9.8k supports fips capability
Thanks
Rajan
On Thu, Mar 26, 2009 at 1:37 AM, Kyle Hamilton aerow...@gmail.com wrote:
Umm... the CHANGES file linked refers to changes from 0.9.8k to
0.9.9, and I have to scroll down 752 lines to get to:
Changes between 0.9.8j and
Hi,
1) Where should the no-asm option be given? With the Configure command or the
do_fips command? I have used no-asm with Configure command.
I have built as follows:
perl Configure VC-WIN32 no-asm
vcvars32.bat
ms\do_fips
2) out32dll\fips_test_suite gives the following:
FIPS-mode test
If you're on Windows, you MUST use either ms\do_fips or ms\do_fips no-asm.
-Kyle H
On Wed, Mar 25, 2009 at 8:40 PM, Uma G. Nayak uma_na...@mindtree.com wrote:
Hi,
1) Where should the no-asm option be given? With the Configure command or the
do_fips command? I have used no-asm with Configure
22 matches
Mail list logo