From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Liz Fall
Sent: Sunday, 14 September, 2014 00:33
To: openssl-users@openssl.org
Subject: RE: cannot read PEM key file - no start line
Thank you, Viktor. Do you have a good recommendation
- no start line
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Liz Fall
Sent: Sunday, 14 September, 2014 00:33
To: openssl-users@openssl.org
Subject: RE: cannot read PEM key file - no start line
Thank you, Viktor. Do you have a good recommendation
From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson
Sent: Friday, September 12, 2014 04:31
*If* you are now using a legacy-format encrypted private-key (and your
original
error message suggested you might need some form of private key, which does
necessarily mean
-openssl-us...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Friday, September 12, 2014 7:39 AM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Fri, Sep 12, 2014 at 04:31:13AM -0400, Dave Thompson wrote:
*If* you are now using a legacy-format encrypted private
On Sat, Sep 13, 2014 at 06:46:01PM -0700, Liz Fall wrote:
I did specify the client key file to NULL. Then, I authenticated the client
with a user id and password. That worked.
Good. I think it is best to stop there for now.
Why would the file not have a client private key?
[ No such
read PEM key file - no start line
On Sat, Sep 13, 2014 at 06:46:01PM -0700, Liz Fall wrote:
I did specify the client key file to NULL. Then, I authenticated the
client with a user id and password. That worked.
Good. I think it is best to stop there for now.
Why would the file not have
On Sat, Sep 13, 2014 at 09:32:59PM -0700, Liz Fall wrote:
Thank you, Viktor. Do you have a good recommendation?
Sorry, have not read any myself. Got there over a couple of decades
via a different path, but I am under the impression that at least
one decent book on the subject is available.
okay.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Liz Fall
Sent: Wednesday, September 10, 2014 11:20
To: openssl-users@openssl.org
Subject: RE: cannot read PEM key file - no start line
Hi Dave,
Are you saying that the 76 characters per
On Fri, Sep 12, 2014 at 04:31:13AM -0400, Dave Thompson wrote:
*If* you are now using a legacy-format encrypted private-key (and your
original
error message suggested you might need some form of private key, which does
necessarily mean legacy-format encrypted) yes 76 chars is a
Subject: RE: cannot read PEM key file - no start line
I was half wrong before.
The base64 read in EVP_Decode* allows 76. But the PEM parser in PEM_read_bio
enforces exactly 64 only for input files that have PEM-encrypt headers
which in practice is only encrypted legacy-format privatekey
On Tue, Sep 9, 2014 at 8:49 PM, Dave Thompson dthomp...@prinpay.com wrote:
...
I have and know of no software to create encrypted legacy-format privatekeys
other than OpenSSL itself which always writes 64, so I never encountered
this before.
You can use Crypto++ with the PEM Pack
certificate
Thanks,
Liz
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Monday, September 08, 2014 8:28 PM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Mon, Sep 08, 2014
On Sun, Sep 7, 2014 at 10:26 PM, Liz Fall f...@sbcglobal.net wrote:
All,
I am getting the following with my client cert when trying to connect to
an SSL-enabled MongoDB:
2014-09-03T13:37:56.881-0500 ERROR: cannot read PEM key file:
On Tue, Sep 09, 2014 at 04:42:53AM -0700, Liz Fall wrote:
Thanks for the info. I will try what you suggested today. However, I am a
bit confused by what you are saying - You may need to separately specify a
CAfile, or CApath for validating the server certificate. I have the two pem
files
.
Thanks for your help,
Liz
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Jeffrey Walton
Sent: Tuesday, September 09, 2014 5:09 AM
To: OpenSSL Users List
Subject: Re: cannot read PEM key file - no start line
On Sun, Sep 7, 2014 at 10:26 PM
List
Subject: Re: cannot read PEM key file - no start line
On Sun, Sep 7, 2014 at 10:26 PM, Liz Fall f...@sbcglobal.net wrote:
All,
I am getting the following with my client cert when trying to connect to an
SSL-enabled MongoDB:
2014-09-03T13:37:56.881-0500 ERROR: cannot read PEM
On Sun, Sep 7, 2014 at 10:26 PM, Liz Fall f...@sbcglobal.net wrote:
I am getting the following with my client cert when trying to connect to
an SSL-enabled MongoDB:
2014-09-03T13:37:56.881-0500 ERROR: cannot read PEM key file:
On Sun, Sep 07, 2014 at 07:26:05PM -0700, Liz Fall wrote:
I have checked and verified that there is no whitespace. Also, the BEGIN
and END statements look correct. However, each line in the cert is 76 chars
in length, except for the last line. Should the lines be 64-characters
long?
Yes.
On Sun, Sep 7, 2014 at 10:26 PM, Liz Fall f...@sbcglobal.net wrote:
I am getting the following with my client cert when trying to connect to an
SSL-enabled MongoDB:
2014-09-03T13:37:56.881-0500 ERROR: cannot read PEM key file:
, 2014 5:42 AM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Sun, Sep 07, 2014 at 07:26:05PM -0700, Liz Fall wrote:
I have checked and verified that there is no whitespace. Also, the
BEGIN and END statements look correct. However, each line in the cert
On Mon, Sep 08, 2014 at 05:03:58PM -0700, Liz Fall wrote:
Thank you so much for your response.
Do I need to request for a specific certificate that will is base64?
No, you can just re-wrap the base64 data you have to 64 characters
per line. There are two different 64's here. The size of
...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Monday, September 08, 2014 5:20 PM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Mon, Sep 08, 2014 at 05:03:58PM -0700, Liz Fall wrote:
Thank you so much for your response.
Do I need to request
: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Monday, September 08, 2014 5:20 PM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Mon, Sep 08, 2014 at 05:03:58PM -0700, Liz Fall wrote:
Thank you so
From: owner-openssl-us...@openssl.org On Behalf Of Viktor Dukhovni
Sent: Monday, September 08, 2014 08:42
On Sun, Sep 07, 2014 at 07:26:05PM -0700, Liz Fall wrote:
I have checked and verified that there is no whitespace. Also, the
BEGIN
and END statements look correct. However, each
CERTIFICATE-
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Monday, September 08, 2014 7:29 PM
To: openssl-users@openssl.org
Subject: RE: cannot read PEM key file - no start line
From: owner-openssl-us
On Mon, Sep 08, 2014 at 07:44:56PM -0700, Liz Fall wrote:
This is what my cert looks like below: What are you saying I should do?
Thanks for the clarification.
These are the certificates for an intermediate CA and the issuing root
CA. Generally, you'd append these to a certificate file with
clarify this?
Thanks,
Liz
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Viktor Dukhovni
Sent: Monday, September 08, 2014 7:54 PM
To: openssl-users@openssl.org
Subject: Re: cannot read PEM key file - no start line
On Mon, Sep
On Mon, Sep 08, 2014 at 08:14:32PM -0700, Liz Fall wrote:
I am trying to connect to a MongoDB SSL-enable database. This is the API:
// only really need a PEM on the server side
mongo::sslGlobalParams.sslPEMKeyFile = path/to/keyfile.pem;
The comment is highly misleading. PEM is a
All,
I am getting the following with my client cert when trying to connect to an
SSL-enabled MongoDB:
2014-09-03T13:37:56.881-0500 ERROR: cannot read PEM key file:
/users/apps/tstlrn/u019807/DTCD9C3B2F42757.ent.wfb.bank.corp_mongo_wells.pem
error:0906D06C:PEM routines:PEM_read_bio:no start
29 matches
Mail list logo
