setting a CSR’s challenge password?

Hi all, What ways other than the interactive command shell are available for setting a CSR’s challenge password attribute? I can’t find a command-line switch that does it, and perl’s Crypt::OpenSSL::PKCS10 doesn’t seem to know about it, either. Thanks! -Felipe Gasper Houston

setting a CSR’s challenge password?

Hi all, What ways other than the interactive command shell are available for setting a CSR’s challenge password attribute? I can’t find a command-line switch that does it, and perl’s Crypt::OpenSSL::PKCS10 doesn’t seem to know about it, either. Thanks! -Felipe Gasper Houston, TX

Re: Automating self signed certificate creation

On 2.11.12 3:23 PM, Ken Goldman wrote: I create a self signed certificate using openssl req -new -x509 -key ... -out ... -days ... It then prompts for the country, state, locality, etc. Is there a way to enter that data on the command line or in a configuration file to avoid the prompts? I

cnf file format changes among versions

Does anything out there describe the changes in cnf file format among the different OpenSSL versions? -F __ OpenSSL Project http://www.openssl.org User Support Mailing List

Certs without subject commonName?

I read somewhere that subject commonName is now deprecated in favor of subjectAltName. Are there certs out there in the wild with no subject CN, only SAN? -FG -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.

SNI: What *doesn’t* support it?

/Server_Name_Indication) gives quite a few, but I thought maybe folks here could contribute something additional. -Felipe Gasper __ OpenSSL Project http://www.openssl.org User Support Mailing List

Possible to create a CSR from just a certificate?

If I have an SSL certificate, it is possible to create a CSR with that certificate’s subject and public key? -F __ OpenSSL Project http://www.openssl.org User Support Mailing List

Prefix “[openssl-users]” onto mailing list subjects?

Hi everyone, Would there be interest/approval in prefixing [openssl-users] onto the subject of messages from this list? This kind of thing is standard on most mailing lists of this kind that I’ve seen. It makes it easier to distinguish the “context” of a message at-a-glance. -F

[openssl-users] X509_verify_cert() and X509_STORE_set_verify_cb()

()? Thank you! -Felipe Gasper Houston, TX -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] How to send alert in handshake?

RFC 3546, in describing the SNI extension, recommends that servers send a warning to clients that request an unknown server name. (Page 9) I’d like to implement that warning .. could someone please point me to which API functions expose this ability? Thank you! -Felipe Gasper Mississauga

Re: [openssl-users] How to prove a Certificate is Signed or not

You could: - Check subject and issuer for sameness. - Verify the signature with the certificate’s own key. A positive verification indicates self-signed. > On May 3, 2018, at 7:18 AM, Salz, Rich via openssl-users > wrote: > > > > On 5/3/18, 4:24 AM, "morthalan"

[openssl-users] Ed25519 and X.509

Hi all, Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm. Thank you! -F -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] Ed25519 and X.509

I knew about this one. I see OIDs here for the key algorithm, but not the signature/hash algorithm .. ? I’m looking for the OID that precedes the signature in an X.509 structure. Thank you! -FG > On Jul 28, 2018, at 7:10 AM, Matt Caswell wrote: > > > >> On 28/07/18 03

[openssl-users] Slightly OT: X.509 & PCKS10 generation in Perl

it because I think the syntax is more straightforward than navigating the openssl binary and openssl.cnf. It’s not nearly as fast, of course, but I’ve found it useful. YMMV. -Felipe Gasper -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Ed25519 and X.509

Ah ok. Thank you for clarifying! -FG > On Jul 28, 2018, at 7:42 AM, Matt Caswell wrote: > > > >> On 28/07/18 12:23, Felipe Gasper wrote: >> I knew about this one. I see OIDs here for the key algorithm, but not the >> signature/hash algorithm .. ? I’m loo

[openssl-users] EDDSA key format

Hi all, Do EDDSA keys serialize to any format other than SPKI (public) and PKCS8 (private)? I ask because RSA and ECC both have “native” formats as well as SPKI and PKCS8. Thanks! -FG -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] CSR verify failure

z > eeHSCU6jTmFbKK/KPR9TUlJycelzKP1zAZCV > -END CERTIFICATE REQUEST- > > > Jon > > On Mon, Mar 26, 2018 at 5:49 PM, Felipe Gasper <fel...@felipegasper.com> > wrote: > But what is the actual PEM of the CSR? > > It should look like: > > -BEGIN

Re: [openssl-users] CSR verify failure

Can you paste one of the CSRs that fails verification? -Felipe > On Mar 26, 2018, at 11:19 AM, Jon Uriarte wrote: > > Hi folks, > > I'm hitting some issues when trying to create SSL certificates and was > wondering if any around could help with this. > I can create a CSR

Re: [openssl-users] CSR verify failure

But what is the actual PEM of the CSR? It should look like: -BEGIN CERTIFICATE REQUEST- ... -END CERTIFICATE REQUEST- -FG > On Mar 26, 2018, at 11:47 AM, Jon Uriarte wrote: > > Thanks for your replies. > > I'm creating the CSR with the default values. >

[openssl-users] renegotiate across exec()

Hi all, I’ve got a project where I’m trying to send a Hello Request from the server immediately before an exec(), then renegotiate the SSL connection. What is the easiest way to send *just* a Hello Request from a server? Thanks! -Felipe Gasper Mississauga, Ontario

Re: [openssl-users] renegotiate across exec()

> On Mar 2, 2018, at 12:44 AM, Viktor Dukhovni <openssl-us...@dukhovni.org> > wrote: > >> On Mar 1, 2018, at 10:39 PM, Felipe Gasper <fel...@felipegasper.com> wrote: >> >> Hi all, >> >> I’ve got a project where I’m trying to send a H

Re: [openssl-users] Problem with x509_verify_certificate

Maybe the set of stores root certificates changed with the update? Try openssl s_client to debug it? > On Nov 17, 2018, at 8:57 PM, Ken wrote: > > I use an application, FreeRDP (https://github.com/FreeRDP/FreeRDP), which > uses x509_verify_certificate to check the validity of a certificate on

Re: [openssl-users] Subject CN and SANs

Actually, per the latest CA/Browser forum guidelines, subject.CN is not only optional but “discouraged”. -FG > On Dec 23, 2018, at 4:29 PM, Kyle Hamilton wrote: > > SubjectCN is an operational requirement of X.509, I believe. It's not > optional in the data structure, at any rate. > > -Kyle

Re: [openssl-users] Subject CN and SANs

Wow that’s pretty bad .. is that the current version of httpd?? That’d be worth a big report if so, IMO, though I’d imagine it’s an issue they’re aware of. -FG > On Dec 23, 2018, at 6:53 AM, Walter H. wrote: > > > I tried the following > > the certificate had a CN oftest.example.com

Re: [openssl-users] Subject CN and SANs

I’m not sure, heh. ;-) -F > On Dec 24, 2018, at 3:17 AM, Walter H. wrote: > > and which CA does this as the forum guidelines say? > >> On 23.12.2018 22:50, Felipe Gasper wrote: >> Actually, per the latest CA/Browser forum guidelines, subject.CN is not only >

Re: [openssl-users] Subject CN and SANs

> On Dec 22, 2018, at 9:12 PM, Salz, Rich via openssl-users > wrote: > > Putting the DNS name in the CN part of the subjectDN has been deprecated for > a very long time (more than 10 years), although it is still supported by many > existing browsers. New certificates should only use the

Re: [openssl-users] Subject CN and SANs

It shouldn’t matter. Technically subject.CN is deprecated anyway, but all the CAs still create it. -FG > On Dec 22, 2018, at 4:29 PM, Walter H. wrote: > > Hello, > > I found several different certificates on the net > > some are like this: > > CN=example.com > SANs areDNS:example.com,

Re: In-memory SSL_CTX_use_certificate_chain_file?

> On Mar 17, 2019, at 7:55 PM, J Decker wrote: > >> On Sun, Mar 17, 2019 at 4:46 PM Felipe Gasper >> wrote: >> Buffer, not buffet. Silly autocorrect! >> >> -F >> >> > On Mar 17, 2019, at 7:21 PM, Felipe Gasper wrote: &

Re: In-memory SSL_CTX_use_certificate_chain_file?

Buffer, not buffet. Silly autocorrect! -F > On Mar 17, 2019, at 7:21 PM, Felipe Gasper wrote: > > Hello, > > Is there any equivalent to SSL_CTX_use_certificate_chain_file for a PEM > buffet that’s already in memory? > > Thank you! > > -F

In-memory SSL_CTX_use_certificate_chain_file?

Hello, Is there any equivalent to SSL_CTX_use_certificate_chain_file for a PEM buffet that’s already in memory? Thank you! -F

partial SSL_read()

to be _able_ to parse an incomplete message? Or is it that only the entire message can be decoded? Thank you! -Felipe Gasper Mississauga, Ontario

Re: partial SSL_read()

> On Apr 30, 2019, at 12:21 PM, Michael Wojcik > wrote: > >> From: openssl-users on behalf of Felipe >> Gasper >> Sent: Tuesday, April 30, 2019 11:06 > >> My question is, does TLS allow a client to be _able_ to parse an incomplete >> message?

Re: Serialize/Deserialize SSL state

state, shove it > through a unix domain socket to the target process and then have the target > process unpack the openssl state and resume IO. For what it’s worth, I have also wished for something like this, where I could pass a file descriptor as well as the OpenSSL state over a socket

OpenSSL + ktls

Hello, Is it possible, after having done a TLS handshake in OpenSSL, to extract the necessary connection parameters from OpenSSL and pass those to the requisite setsockopt() call to initiate ktls outside of OpenSSL? Thank you! -Felipe Gasper

RFC 7250 raw public keys?

Hello, Does OpenSSL support authentication via raw public keys? (RFC 7250) I can’t find anything to this effect on openssl.org. Thank you! cheers, -Felipe Gasper

Re: RFC 7250 raw public keys?

> On Jul 8, 2020, at 1:51 PM, Viktor Dukhovni > wrote: > > On Wed, Jul 08, 2020 at 01:31:04PM -0400, Felipe Gasper wrote: > >> What I’m looking for is a way to authenticate a user over TLS in >> essentially the same manner that SSH’s handshake uses, where a >

Re: RFC 7250 raw public keys?

> On Jul 8, 2020, at 12:59 PM, Viktor Dukhovni > wrote: > > On Wed, Jul 08, 2020 at 12:48:38PM -0400, Felipe Gasper wrote: > >> Does OpenSSL support authentication via raw public keys? (RFC 7250) I >> can’t find anything to this effect on openssl.org. > >

minimum viable CSR?

no useful information--what would the minimum-viable subject look like from the generation-via-OpenSSL side? Thank you! cheers, -Felipe Gasper

Re: minimum viable CSR?

> On Jul 15, 2020, at 7:16 AM, Hubert Kario wrote: > > On Tuesday, 14 July 2020 21:18:53 CEST, Felipe Gasper wrote: >> Hello, >> >> I have domains whose length exceeds the commonName maximum. To create a >> signing request for such a domain, then, I

Re: Certificates Transparency list

In addition to however OpenSSL does it, you can see how it’s done here: https://metacpan.org/release/Crypt-Perl/source/lib/Crypt/Perl/X509/Extension/ct_precert_scts.pm https://metacpan.org/release/Crypt-Perl/source/lib/Crypt/Perl/X509/Extension/ct_precert_poison.pm -F > On Jan 10, 2021, at

LE/DST expired root: workaround #2

the same way as connection handshakes? So the 3 certs I have in my chain will pass OpenSSL’s dedicated verification logic? Thank you! cheers, -Felipe Gasper

Re: "DST Root CA X3" expiry workaround for OpenSSL 1.0.1, 1.0.0 and 0.9.8 client applications

ity with the behaviour of 1.1.0+. It would be nice--would have been helpful for me, at least--to have fleshed-out code examples. Thank you to everyone who maintains OpenSSL and who’s helping us all through this transition. cheers, -Felipe Gasper

“EC PUBLIC KEY”

Hello, Does OpenSSL intend to handle EC public keys that in PEM begin “BEGIN EC PUBLIC KEY”? I can’t find a way to output this format and am not sure if it’s actually defined anywhere, but it seems like a logical analogue to the default/legacy RSA public key format.

Re: “EC PUBLIC KEY”

> On Nov 17, 2021, at 16:49, Michael Wojcik > wrote: > >> From: Michael Wojcik >> Sent: Wednesday, 17 November, 2021 14:22 >> To: openssl-users@openssl.org >> Subject: RE: “EC PUBLIC KEY” >> >>> From: openssl-users On Behalf Of >> Billy >>> Brumley >>> Sent: Wednesday, 17 November, 2021

v1.1.1: “Secure Renegotiation IS NOT supported”

S 7), it reports that: > Secure Renegotiation IS supported Support for secure renegotiation is a “good thing”, right? That being the case, why would the newer OpenSSL version report no support for it while the older one supports it? Thank you! Cheers, -Felipe Gasper

Re: v1.1.1: “Secure Renegotiation IS NOT supported”

> On Oct 28, 2021, at 03:52, Matt Caswell wrote: > > > > On 27/10/2021 18:53, Felipe Gasper wrote: >> Support for secure renegotiation is a “good thing”, right? That being >> the case, why would the newer OpenSSL version report no support for it while

FIPS mode and ECDSA explicit curves

(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "Explicit curves are not allowed in fips mode"); return 0; } Thank you! cheers, -Felipe Gasper

SSL_read empty -> close?

iov_len=2}], msg_iovlen=1, msg_control=[{cmsg_len=17, cmsg_level=SOL_TLS, cmsg_type=0x1}], msg_controllen=17, msg_flags=0}, 0) = -1 EPIPE (Broken pipe) - after read What is that being sent after the read()? Is there a way to disable it? Thank you! cheers, -Felipe Gasper

Re: Query minimum RSA key size?

> On Sep 26, 2022, at 10:01, Viktor Dukhovni wrote: > > On Mon, Sep 26, 2022 at 09:52:29AM -0400, Felipe Gasper wrote: > >> OpenSSL 1.1.0k introduced behaviour that rejects 1,024-bit RSA key sizes. > > No such change was made. Perhaps your OS distribution has b

Query minimum RSA key size?

it. Thank you! cheers, -Felipe Gasper

Re: Query minimum RSA key size?

> On Sep 26, 2022, at 11:47, Viktor Dukhovni wrote: > > On Mon, Sep 26, 2022 at 10:46:40AM -0400, Felipe Gasper wrote: > >>> The security levels are documented. You can set the security level >>> in the cipher string: >>> >>> DEFAULT:@SE

Re: OpenSSL version 3.1.0-alpha1 published

e still applies and > migration from 3.0 to 3.1 should be just seamless. > > Tomas > > > On Thu, 2022-12-01 at 09:40 -0500, Felipe Gasper wrote: >> AFAICT, the migration guide doesn’t actually seem to mention upgrades >> to 3.1. >> >> -FG >> >&g

Re: OpenSSL version 3.1.0-alpha1 published

AFAICT, the migration guide doesn’t actually seem to mention upgrades to 3.1. -FG > On Dec 1, 2022, at 09:00, OpenSSL wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > > OpenSSL version 3.1 alpha 1 released > > > OpenSSL - The Open

Re: SSL_read empty -> close?

> On Nov 2, 2022, at 16:36, Michael Wojcik via openssl-users > wrote: > >> From: Felipe Gasper >> Sent: Wednesday, 2 November, 2022 12:46 >> >> I wouldn’t normally expect EPIPE from a read operation. I get why it happens; >> it just seems odd. Gi

Re: SSL_read empty -> close?

> On Nov 3, 2022, at 10:17, Michael Wojcik via openssl-users > wrote: > >> Does OpenSSL’s documentation mention that? (I’m not exhaustively >> familiar with it, but I don’t remember having seen such.) > > I doubt it. I don't see anything on the wiki, and this is a pretty obscure > issue,

Re: SSL_read empty -> close?

> On Nov 3, 2022, at 11:37, Michael Wojcik via openssl-users > wrote: > >> It’s a rare >> issue, but when it does it’s a head-scratcher. To avoid that, it’s necessary >> to shutdown(SHUT_RD) then drain the read buffer before close(). > > Well, it's not *necessary* to do a half-close.

Re: SSL_read empty -> close?

> On Oct 26, 2022, at 13:34, Michael Wojcik via openssl-users > wrote: > >> From: openssl-users On Behalf Of Felipe >> Gasper >> Sent: Wednesday, 26 October, 2022 11:15 >> >> I’m seeing that OpenSSL 3, when it reads empty on a sock