We are planning to embed Open SSL 2.0 into our products for commercial
purpose.
I am trying to get license terms and conditions for Open SSL, but so far
no luck.
Do you know how I can get license terms for Open SSL? If there is no any
particular
license terms and conditions, can you tell me how
On Tue, Oct 16, 2001 at 08:59:44PM -0400, Maruta, Eric wrote:
We are planning to embed Open SSL 2.0 into our products for commercial
purpose.
I am trying to get license terms and conditions for Open SSL, but so far
no luck.
It is part of the distribution: LICENSE. You can also read the
Hi,
I am using openssl to secure a number of services in
my organization: http, imap, smtp, ldap etc...
For our internal servers we have been able to generate
CA certs with openssl and sign our own certificates
and all the services work great, EXCEPT the client
software always complains that
Can OpenSSL process PKCS#7 files in the BER format? I know DER is a
subset of BER and I'm wondering if there are any BER formatted files
that OpenSSL can't handle.
Thanks,
Don
__
OpenSSL Project
go to www.sunfreeware.com select your solaris version and see further
instructions.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
My understanding is that usually there's a complete certificates chain
in a smime signature. Is there a way to extract _all_ the certificates
in the chain using openssl command? openssl pkcs7 -print_certs seems to
extract only the signer's certificate and not any of the intermediate or
CA
You can download the source from the OpenSSL website and then follow the
instructions in the INSTALL.W32 file to compile the DLLs yourself. There
are some simple example applications under the demo directory that you can
refer to.
Michael Lee
- Original Message -
From: lawrence [EMAIL
I like to have a copy also.
LAWRENCE LOW
-Original Message-
From: LaDon L Harrison [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 18, 2001 7:06 AM
To: [EMAIL PROTECTED]
Subject: Compiled Win32 version
Hi,
I'm trying to use openssl-0.9.6b in conjunction with Win2K/Apache/THe
i'm trying to create a p12 file from a pem file (a .crt file) and i get
the follow error message:
openssl pkcs12 -export -in w.crt -out w.p12 -name micert
Error loading private key
995:error::PEM routines:PEM_read_bio:no start
line:pem_lib.c:662:Expecting: ANY PRIVATE KEY
i did this where i
Hi All, I am new to this mailing list.
Maybe this is a FAQ but I couldn't find an answer from..
I have my own CA (for servlet developping purpose) and created a
client cert, named usercert.pem and userkey.pem, signed by the
CA's cert. From these files, I created a PKCS#12 format cert file
Hello:
I'm trying to use the openssl ca command inside a mod_perl
handler (I borrowed Perl code from http://www.pseudonym.org/ssl/)
to sign netscape spkacs, and I'm running into a very funky
problem.
The docs say that the signed cert wil come out in PEM form.
As I understand it, PEM
[[ cc openssl-users for mailing list archival ]]
Plamen Ratchev wrote:
Hi Josh!
I was able to isolate the problem down to the proxy. Last night I tried the
same script at my office, which doesn't have a proxy and everything worked
fine. The proxy on my client's site is MS Proxy Server
hi,
what are the rules or known-good examples of negative number encoding?
I'm trying to encode -2 as part of currency-amount-power sequence
and Peter Gutmann's dumpasn1 tool shows it as -254.
Any problem regarding negative number handling at the code attached?
Hope it's good enough to drive
From: Maruta, Eric [EMAIL PROTECTED]
Eric.Maruta We are planning to embed Open SSL 2.0 into our products
Eric.Maruta for commercial purpose.
2.0? You must come from the future, because we're still at 0.9.6b
this year.
Eric.Maruta I am trying to get license terms and conditions for Open
I am trying to install openssl version 0.9.6 on a
Tru64 Unix box. After running 'make install', I get the following errors when I
do a 'make test' to test the installation:
Left shift test
I have build openssl-engine-0-9.6 on NT4 SP4 with gcc-2.95.2-msvcrt compiler
and GNU make-3.76.1 : no problem.
Now I wolud like to add the crypto/pkcs11 source code from AdNovum (the one
sent by Eric Laroche in a message of 15-6-01) but I've the following
questions:
1) what is the procedure
Hello,
I think you have to install the CAcertificates in your client
browser. I know two techniques you can use:
your client can download your CA certificate from you web site ( you need
to use the mime type application/x-x509-ca-cert in your httpd.conf file)
or you can generate, for each
under windows 2000 (and nt4 afaik) with outlook 2000 and IE5 (don't know
if works for less than this) you can install the certificate in each
client by hand quite easily... if the file name has ending .cer then
windows appears to recognize it and calls it Security Certificate...
double click on
Try converting into pkcs12 and then import
openssl pkcs12 -export -in file -inkey key -certfile cert -out outfile.p12
- Original Message -
From: Steve Barnes [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, October 17, 2001 2:41 PM
Subject: RE: using own CA certs with various
sorry, I was unclear - the client needs BOTH the server cert and your CA
cert.
what i did was i puts the certs in a shared directory... and then each
machine that wanted them just double clicked on the CA.cer and
server.cer ... done...
cheers,
Sean
Steve Barnes wrote:
I have the same
You need to install the root certificate into the clients browsers.
You can distribute root certificates to clients by incliding the root
certificate within the pkcs12 file or
As all browsers act differently in accecpting certificates I use a perl
script get to format the certificate for the
I installed the CA Cert on my machine hey presto !! it worked.
I think i'll email the Certs out to everyone I need to use the SSL server.
Nice one !!
-Original Message-
From: Sean O'Riordain [mailto:[EMAIL PROTECTED]]
Sent: 17 October 2001 11:05
To: [EMAIL PROTECTED]
Subject: Re:
Title: Message
No matter what I do,
I can't seem to connect via https.
I keep getting the
error:
[Wed Oct 17 07:02:10
2001] [error] [client 66.65.3.10] Invalid method in requestt From what
I have read, this means that I am trying to talk https on a port that only
speaks http.
I have
Moved to openssl-users...
Tanya Karpina wrote:
I have the same problem verifying the server certificate. I tried to
run s_server and s_client tests so everything work fine a part from
certificate verification. I get an
verify error: num=20:unable to get local issuer certificate
verify
Vadim Fedukovich wrote:
hi,
what are the rules or known-good examples of negative number encoding?
I'm trying to encode -2 as part of currency-amount-power sequence
and Peter Gutmann's dumpasn1 tool shows it as -254.
Any problem regarding negative number handling at the code attached?
$ date
Wed Oct 17 14:28:14 CEST 2001
$
$ telnet www.openssl.org 80
Trying 129.132.7.153...
telnet: connect to address 129.132.7.153: Connection refused
telnet: Unable to connect to remote host
$
$ telnet www.modssl.org 80
Trying 129.132.7.171...
telnet: connect to address 129.132.7.171:
Hi
I had installed OpenSSL on Hp UX11.00 because I
want to use it for an LDAP connection. I'm using OpenLDAPv2.0 and an LDAP
client. When I run slapd (the LDAP's daemon) with debug I read the following
messages. I think server break connection because it not receive client's
certificate
On Wed, 17 Oct 2001, Vadim Fedukovich wrote:
what are the rules or known-good examples of negative number encoding?
I'm trying to encode -2 as part of currency-amount-power sequence
and Peter Gutmann's dumpasn1 tool shows it as -254.
It surely looks like a simple error in the dump tool, to
Title: Message
I am getting
an error message , PEM_read_bio: No start line. Now I am assuming this may have
to do with the pem certificate im trying to read, but all my certificates are
fine. Could anyone give me some insight on what causes this error.
Thanks!
Thank you all for posting solutions.. It was just a
matter of importing the rootCA into the client. On my
systems (outlook and netscape), I just needed to
import the rootCA and then it stopped complaining
about all certs signed by that root. It seems to have
worked Do I need to import the
Hi all
I have looked in the archives but not found an examale or assistance
there.
I am having difficulty with a CA certificate (created with ./CA -newca)
I am getting the following error
1895:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:662:Expecting: CERTIFICATE.
The
Title: Message
I am
having the same problem. If I find anything I will let you
know
-Original Message-From: Andrew Finnell
[mailto:[EMAIL PROTECTED]]Sent: 17 October 2001
04:11To: 'Openssl ([EMAIL PROTECTED])'Subject:
PEM_read_bio
I am
getting an error message ,
On Wed, Oct 17, 2001 at 07:06:15AM -0700, Zachary Denison wrote:
Thank you all for posting solutions.. It was just a
matter of importing the rootCA into the client. On my
systems (outlook and netscape), I just needed to
import the rootCA and then it stopped complaining
about all certs signed
is there some way to uninstall openssl in order to
install a newer versionon a linux system???, or update it??, please help
me.
Juan Carlos Albores
Aguilar
Hi, i'm using openssl and i've created my own CA so
i can sign certificates, revocate them and everything, my question is when i
revoke a certificate and i watch the no encrypted form of my crl file, it says
no certificates revoked, however in the records of the certificates signed, it
does
35 matches
Mail list logo
