Hi folks,
I have successfully installed and experimented with
the open SSL package on our local Solaris
machine. I managed to generate a self-signed certificate
using the 'openssl req -new ...' command.
You find in attach of this mail certreq.pkc file in order to sign a
certificate using the
Kim,
since X.509 certificate is somethingToBeSigned and signature over that
once can use X509_sign() to do it. Probably you mean certify_cert()
and, yes, lots of parameters there to specify certificate content.
Regards,
Vadim
On Fri, 16 Feb 2001, Hellan,Kim KHE wrote:
Hi
I'm trying to make
Hi,
When I call DH_compute_key(), I get a core dump. If I run DH_check
over the parameters passed to DH_compute_key() I get bit 1 set, which
according to dh.h means that number generated is not prime; presumably,
this is causing DH_compute_key() to croak.
This is a short excerpt:
unsigned
Hi,
I'm using 0.9.5a, but this should be easy to check in 0.9.6:
The no_tmp_rsa flag in s_server is ignored. There is an "#if 1" that
forces a callback to be used (which ignores the flag), blocking the code
that would test the flag before setting a value. Simply grep for
no_tmp_rsa in
Hi,
Tomcat use SSL directly, I use the keytool of the JDK to generate the
key pair and a self certificate.
I need to generate certificates for clients but the browser says that if
have to be in the format PKCS12.
For the keytool I specify a keystore type at the command line, via the
get your own 100 meg web site for only $11.95 per month today!
STOP PAYING $19.95 or more PER MONTH for your web site, WHEN YOU
CAN GET ONE FOR ONLY $11.95 PER MONTH!
DO YOU ALREADY HAVE A WEBSITE? ALL YOU HAVE TO DO IS TRANSFER THE
DOMAIN TO OUR SERVERS AND UPLOAD YOUR DATA AND YOU ARE
Hi,
Sorry if this is a stupid question, I have already read the faq and
searched google for an answer...
I have BC5.02 and bcb4, I have noticed that it appears that some people
have gotten openssl to compile under 5.02, but I havent been able to
figure out what commands i need to type to set it
Thanks. I eventually reduced the problem to s_server running against a
stripped-down version of my server, all on a newly installed OS (to avoid
DLL confusion). After adding trace statements to the code I found that I
was missing a callback in my code to calculate a temporary RSA key (yes,
I've seen a few references to this topic, but only one solution. (That appears to only
work for
Netscape Enterprise 3.6, not 4.1) It can be found at
http://mah.everybody.org/docs/netscape-to-apache . Is there any other way of
exporting/importing
the certificate?
The deal is we are running
"Hellan,Kim KHE" wrote:
Hi
I'm trying to make a CA signed certificate. I already have composed/loaded
all of the following "parts" for the certificate:
EVP_PKEY* pCAKey; /* CA private key */
X509* pCACert; /* CA root certificate */
X509_NAME* pX509Subject;/*
Sandipan Gangopadhyay wrote:
I am issuing a self signed (Root CA) certificate as follows -
./openssl req -new -x509 -days 365 -key ca.key -out ca.crt
It writes a serial number 0 !
./openssl ca takes the serial number from a source such as ./demoCA/serial
How do I make openssl req in
On Fri, 16 Feb 2001, Patrick Li wrote:
Thanks for the information. Does that mean there is no longer restrictions
on using any of the cipher suites specified by TLS or SSL outside of the US?
Sorry for a simple question. But is it still the case that only Canada and
US are allowed to use
Hello,
I wonder whether it would be useful to allow that a client can also
may its OCSP request through some proxy, I guess yes.
the real question is whether someone has looked in the socket
bio used in ocsp.c to see how code to allow at least some things
could be added:
- connection through
Hi everybody,
I am working on a VB Client for SSH. I read the RFC's and barely
understood anything. I talked to some people on deja and they said I have
to get openssl, compile it and use the DLLs. I've done that but cannot
reference the DLLs in VB. I have the exe's and dlls sitting
The first param to DH_generate_parameters() is supposed to be the number of
*bits* in the prime, not bytes (see
http://www.openssl.org/docs/crypto/DH_generate_parameters.html#). My guess
is you really want 64*8 for that parameter.
Also, DH_generate_parameters() creates the DH structure for you.
Ren West wrote:
I've seen a few references to this topic, but only one solution. (That appears to
only work for
Netscape Enterprise 3.6, not 4.1) It can be found at
http://mah.everybody.org/docs/netscape-to-apache . Is there any other way of
exporting/importing
the certificate?
The
From: Peter Sylvester [EMAIL PROTECTED]
Peter.Sylvester I wonder whether it would be useful to allow that a
Peter.Sylvester client can also may its OCSP request through some
Peter.Sylvester proxy, I guess yes.
Nothing actually stops you from doing such a thing. I've no idea if
that has an
Hi -
I have been for some time trying to figure out how to do certificate
verification with the Net::SSLeay perl module. Unfortunately there is no
documentation on this anywhere in the module, and the one sample program
which uses callbacks does not fail if it is an invalid cert. Also
On Mon, Feb 19, 2001 at 10:02:39AM -0500, [EMAIL PROTECTED] wrote:
Hi everybody,
I am working on a VB Client for SSH. I read the RFC's and barely
understood anything. I talked to some people on deja and they said I have
to get openssl, compile it and use the DLLs. I've done that but
Nevermind, I ended up realising that there is actually documentation of each
function in the see also section on openssl.org (which i had never noticed
before), so I just rewrote it in C. And it works :-)
-Ian
-Original Message-
From: Shaughnessy, Ian
To: '[EMAIL PROTECTED]'
Sent:
I've got a recipe to install:
openssl-0.9.6
mod_ssl-2.8.0-1.3.17
apache_1.3.17
and
WebObjects 4.5
on
MacOS X Server 1.2
It's working on our server right now. This recipe is a compilation of the
helpful hints and suggestions from a few people from a few lists
21 matches
Mail list logo
