Re: [openssl-users] It reported verify error:num=20:unable to get local issuer certificate in my embedded linux device, when I used the openssl command

2016-12-14 Thread 杨俊
Hi openssl-er, > Does cacert.pem contain the CA certificate that issued the certificate for > https://curl.haxx.se ? I think the cacert.pem is right. Because, I can get the ok result in my PC by this command: ​ > If your embedded file system does not support symlinks, you can instead > rename

Re: [openssl-users] Is there a way to get the numeric-value for a openssl-cipher-suite

2016-12-14 Thread Matt Caswell
On 14/12/16 08:09, Ajay Garg wrote: > Hi All. > > I am using the following script at myu laptop, to test for the available > cipher-suites : > > > #!/usr/bin/env bash > > # OpenSSL requires the port number. > SERVER=server.ip.com:12345

[openssl-users] Is there a way to get the numeric-value for a openssl-cipher-suite

2016-12-14 Thread Ajay Garg
Hi All. I am using the following script at myu laptop, to test for the available cipher-suites : #!/usr/bin/env bash # OpenSSL requires the port number. SERVER=server.ip.com:12345 DELAY=1 ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/

Re: [openssl-users] It reported verify error:num=20:unable to get local issuer certificate in my embedded linux device, when I used the openssl command

2016-12-14 Thread Jakob Bohm
On 14/12/2016 09:42, 杨俊 wrote: Hi openssl-er, > Does cacert.pem contain the CA certificate that issued the certificate for > https://curl.haxx.se ? I think the cacert.pem is right. Because, I can get the ok result in my PC by this command: ​ > If your embedded file

Re: [openssl-users] It reported verify error:num=20:unable to get local issuer certificate in my embedded linux device, when I used the openssl command

2016-12-14 Thread 杨俊
Hi Jakob & openssl-er, 1. My cross compile command is : --- #export CROSSCOMP_DIR=/home/georgeyang/workspace/hisi/hi3516a_v100/Hi3516A_SDK_V1.0.6.0/osdrv/opensource/toolchain/arm-hisiv400-linux/arm-hisiv400-linux/bin #export INSTALL_DIR=/home/georgeyang/workspace/speech_code/openssl

Re: [openssl-users] Signing an XML file

2016-12-14 Thread Dr. Stephen Henson
On Wed, Dec 14, 2016, Salz, Rich wrote: > > Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ > > users? > > Look at the apps/pkcs7.c file as a starting point. Get the command line > doing what you want, and then work through the code to pull out only the bits > you

Re: [openssl-users] It reported verify error:num=20:unable to get local issuer certificate in my embedded linux device, when I used the openssl command

2016-12-14 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of ?? > Sent: Wednesday, December 14, 2016 07:53 > I get the log from the embedded linux device and my PC. > Sorry, I don't get the deference in the platform, but there is some deference > between the platform and PC.

Re: [openssl-users] It reported verify error:num=20:unable to get local issuer certificate in my embedded linux device, when I used the openssl command

2016-12-14 Thread 杨俊
Hi Jakob & openssl-er, > Just to be sure (sometimes OpenSSL checks its default -CApath even > if you specify a -CAfile) try this command on the development machine: > openssl x509 -subject -noout -in cacert.pem > Compare to the deepest value from the screenshot above. I get the log from the

Re: [openssl-users] Signing an XML file

2016-12-14 Thread Thomas J. Hruska
On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote: On Wed, Dec 14, 2016, Salz, Rich wrote: Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users? Look at the apps/pkcs7.c file as a starting point. Get the command line doing what you want, and then work through the

Re: [openssl-users] Is there a way to get the numeric-value for a openssl-cipher-suite

2016-12-14 Thread Salz, Rich
Does the -V flag not do what you want? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Signing an XML file

2016-12-14 Thread Anibal F. Martinez Cortina
2016-12-14 11:17 GMT-03:00 Thomas J. Hruska : > On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote: > >> On Wed, Dec 14, 2016, Salz, Rich wrote: >> >> Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users? >>> >>> Look at the

Re: [openssl-users] Signing an XML file

2016-12-14 Thread silvioprog
On Wed, Dec 14, 2016 at 11:47 AM, Anibal F. Martinez Cortina < linuxkid.z...@gmail.com> wrote: [...] > As a matter of facts, you're indeed right. I was daunted by the idea of > going through PHP's source myself.. > Thanks for the pointers, guys. > I'll report back as soon as I get some progress.

Re: [openssl-users] AECDH problem: works in 1.0.2, fails in 1.1

2016-12-14 Thread Norm Green
That was it. Thanks Matt! On 12/13/16 15:48, Matt Caswell wrote: On 13/12/16 21:09, Norm Green wrote: I have a simple C program that works in 1.0.2 but fails with the same code in 1.1. Here's the psuedo code for the client and server: Server: const SSL_METHOD *meth =

[openssl-users] Compiling for an old embedded device ARM7T armv4t platform?

2016-12-14 Thread Sean Graham
Hello everyone, I'm trying to do my research, and not sure if this should go into the -dev or -user mailing list... I have an embedded device which runs an ARM7T armv4t 16-bit thumb platform. I'm not finding much info other than the compile guide telling me to modify $cflags and $ldflags (which