CMP mock server OldCertID check behavior

2021-07-08 Thread Petr Gotthard
Hello, I am trying to renew a certificate via CMP and authenticate the request using the same cert. I start the mock server: openssl cmp -port 8080 -srv_trusted test-ca-cert.pem \ -srv_key test-server-key.pem -srv_cert test-server-cert.pem \ -rsp_cert

installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Tim Culhane
Hi, We have a customer who is running our product on a RedHat 6.x server. Our product uses OpenSSL 1.1.1 to handle secure connections. Initial testing by the customer is showing segmentation faults in OpenSSL during the handshake process. We have successfully tested our product on CentOS 7.x

RE: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Floodeenjr, Thomas
Is the OpenSSL version being used built on the platform that it is run on? You cannot use a version compiled on a newer platform in an older environment. -Tom -Original Message- From: openssl-users On Behalf Of Tim Culhane Sent: Thursday, July 8, 2021 10:56 AM To:

RE: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Tim Culhane
Well the product in question is pretty legacy so I don't think we will be investing time on that sort of implementation. I understand the customer can use a build of OpenSSL 1.1.1 built for RedHat 6.6 and that should work. Its possible they have used an installation built on a newer RedHat

RE: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Tim Culhane
Hi Tom, So from what you say, you can run an OpenSSL built on RedHat 6.6 on a RedHat 6.6 server. But you cannot run that build on RedHat 6.5? Thanks, Tim -Original Message- From: Floodeenjr, Thomas Sent: Thursday 8 July 2021 18:02 To: Tim Culhane ; openssl-users@openssl.org

Re: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Viktor Dukhovni
On Thu, Jul 08, 2021 at 09:58:15PM +0100, Tim Culhane wrote: > We used to ship OpenSSL with our product but decided to decouple OpenSSL so > that customers had the flexibility to run with whatever versionof OpenSSL > and could upgrade OpenSSL when they needed to rather than waiting for an >

Re: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Viktor Dukhovni
On Thu, Jul 08, 2021 at 05:55:42PM +0100, Tim Culhane wrote: > We have a customer who is running our product on a RedHat 6.x server. > Our product uses OpenSSL 1.1.1 to handle secure connections. > > Initial testing by the customer is showing segmentation faults in OpenSSL > during the handshake

RE: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Tim Culhane
Hi Victor, We used to ship OpenSSL with our product but decided to decouple OpenSSL so that customers had the flexibility to run with whatever versionof OpenSSL and could upgrade OpenSSL when they needed to rather than waiting for an update from us containing a new OpenSSL implementation. Tim

RE: installing OpenSSL 1.1.1 on RedHat 6.x

2021-07-08 Thread Floodeenjr, Thomas
Tim, 6.6 - 6.5 may likely work. 7.x - 6.x will probably not work. -Tom -Original Message- From: Tim Culhane Sent: Thursday, July 8, 2021 2:56 PM To: Floodeenjr, Thomas ; openssl-users@openssl.org Subject: RE: installing OpenSSL 1.1.1 on RedHat 6.x Hi Tom, So from what you say, you