On Thu August 14 2008 23:05, Rafiqul Ahsan wrote: > Hi David, > > I believe 2048 could not be the issue (as you said because I am using > 64 bit OS), >
Which will probably run either 32bit or 64bit userland code. Next question: Are you running 64bit openSSL? (You could be running 32bit openSSL and never know it unless you check.) Mike > this is about supporting sha256 algorithm either with > 0.9.8h, or my Freeradius 2.0.5 (both are latest). Because sha1 works > well with my installation with even RSA 2048 key. And ofcourse, as per > my previous email it was evident that I am using 64 bit OS. Here is > the output of my working certs : > > Certificate: > Data: > Version: 3 (0x2) > Serial Number: > 44:ae:e6:13:b6:3e:1c:63:39:eb:02:ef:7c:54:3f:9e > Signature Algorithm: sha1WithRSAEncryption > Issuer: C=US, O=Motorola, Inc., OU=WiMAX Device Certificate > Authority, C > N=Motorola WiMAX Device Root CA > Validity > Not Before: Jul 7 22:54:11 2006 GMT > Not After : Jul 7 22:54:11 2036 GMT > Subject: C=US, O=Motorola, Inc., OU=WiMAX Device Certificate > Authority, > CN=Motorola WiMAX Device Root CA > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > RSA Public Key: (2048 bit) > Modulus (2048 bit): > 00:a7:7c:24:7f:ff:7b:aa:88:c6:ea:af:7e:1d:f4: > bb:7d:ae:11:f0:27:72:61:9b:19:6e:b6:c8:1d:20: > aa:a9:52:34:41:87:f0:05:94:ad:c4:77:7b:93:08: > 5c:29:8b:80:14:11:69:1c:4c:1d:39:cb:ff:30:9b: > 62:9d:d7:78:07:43:71:7c:15:31:fa:79:2c:36:a1: > 6b:d3:58:10:c2:8f:7c:91:20:1d:dc:9e:ea:10:55: > 66:cf:95:1f:9a:aa:8d:e6:2f:e9:dd:de:07:5c:87: > 17:77:0f:b4:26:d5:a4:c0:e9:09:8b:00:ec:f3:49: > 6f:37:bf:ac:a7:f1:81:64:6d:ab:2c:32:2d:03:7c: > 95:5b:8b:48:29:23:55:49:9b:df:bc:e2:26:4b:0f: > ef:9f:81:5d:a9:b4:f2:34:b2:9f:a4:72:9e:0c:2d: > d7:1d:7b:04:70:76:16:93:1e:7c:64:18:79:07:6d: > 60:c9:e6:8c:10:73:94:0f:2e:a1:63:d9:38:61:6e: > 5f:81:67:fe:39:3f:aa:47:26:14:30:0a:c4:c2:0b: > 4c:b1:2f:15:cd:dc:79:79:a7:f0:2a:1f:15:c6:25: > cb:61:84:20:27:4d:48:44:9a:f2:47:f9:c7:b5:09: > db:d7:28:f5:28:2e:f2:cc:42:31:36:8a:95:dc:02: > 22:39 > Exponent: 65537 (0x10001) > X509v3 extensions: > X509v3 Key Usage: > Certificate Sign, CRL Sign > X509v3 Subject Key Identifier: > 74:9F:F6:2C:2B:60:80:53:17:79:A0:39:6D:77:84:FD:BA:D8:88:65 > X509v3 Basic Constraints: critical > CA:TRUE > > On 8/14/08, Rafiqul Ahsan <[EMAIL PROTECTED]> wrote: > > Hi David, > > > > Thanks for your reply...I believe I am running Freeradius, and > > openssl0.9.8h on 64 bit OS. If you want I can post the certs output as > > well. Pls let me know. I need to make this working, and I have been > > working on this for last 2 weeks and seeing the same error. > > > > Here is the command used to verify : > > > > bash-3.00# isainfo -b > > 64 > > bash-3.00# isainfo -v > > 64-bit sparcv9 applications > > vis2 vis > > 32-bit sparc applications > > vis2 vis v8plus div32 mul32 > > > > Here is the machine I am using (v210) : > > bash-3.00# uname -a > > SunOS v210ap20 5.10 Generic_120011-14 sun4u sparc SUNW,Sun-Fire-V210 > > > > > > On 8/14/08, David Johnston <[EMAIL PROTECTED]> wrote: > > > We saw these same errors in a WiMAX test network with Free Radius. > > > > > > Moving from an older 32 bit Fedora to a current 64 bit Fedora and the > > > stock > > > freeradius and freeradius-util packages made it work and made the errors > > > you > > > exhibit disappear. > > > > > > openssl0.9.8h manifestly does support the necessary algorithms. With WiMAX > > > certs (I assume from the logs, that is what you are using), you absolutely > > > do need a 64 bit installation due to the post 2038 dates in the root and > > > subordinate CA certs. > > > > > > DJ > > > > > > > > > > > > -- > > Rafiqul Ahsan > > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
