], s390x[3], power
PC[4], ARM[5] ). If you want to test another architecture, we have created
a toolkit[6] that you can use to perform the statistical tests easily.
*Sincerely,*
*George Pantelakis*
1 - https://minerva.crocs.fi.muni.cz/
2 - https://github.com/openssl/openssl/issues/23860/
3 - https
llow. :) I did have to make minor modifications for it to
compile with the Visual Studio C++ compiler, though.
Thanks,
George
On 2021-01-26 4:29 a.m., Jan Just Keijser wrote:
On 26/01/21 05:28, George wrote:
Hi,
I'm trying to get OpenSSL 1.0.2u with the FIPS Object Module
2.0.16 in
t;, or
"stub_reader" actually get called. Do I need to do anything else to
enable this functionality? I would like to force the user to enter PIN
number every time.
Thanks,
George
encountered
similar problems in Windows but there is no real answer as to why they
are occurring:
https://www.codeproject.com/Questions/1254182/Smart-card-apis-throw-first-chance-exceptions-but
Thanks,
George
On 2021-01-11 9:41 a.m., Michael Wojcik wrote:
From: openssl-users On Behalf Of Geo
made the suggested
workaround, it worked.
My original code, which is based on
https://github.com/jjkeijser/ppp/blob/eap-tls/pppd/eap-tls.c
worked perfectly after I added in the libp11 fix. :)
Thanks!
George
On 2021-01-11 11:01 a.m., Jan Just Keijser wrote:
Hi,
On 08/01/21 22:35, George wrote
nction generate an exception on C_GetSlotList(...) multiple times but
it eventually is successful. Is this normal behaviour?
int pkcs11_enumerate_slots(PKCS11_CTX *ctx, PKCS11_SLOT **slotp,
unsigned int *countp)
{
. . .
rv = cpriv->method->C_GetSlotList(FALSE, NULL_PTR, &nslots);
is this done? I could not find
anything related to this in
https://github.com/jjkeijser/ppp/blob/eap-tls/pppd/eap-tls.c
Thanks,
George
On 2021-01-05 11:51 a.m., Jan Just Keijser wrote:
Hi,
On 05/01/21 07:39, George wrote:
Hi,
I was looking at the code in
https://github.com/jjkeij
te Object; type = X.509 cert
label: Card Authentication - PIVKey
E7F4FBE4644BA647ADDBE261BE596757
subject: DN: CN=PIVKey E7F4FBE4644BA647ADDBE261BE596757
*ID: a9bee4d72100c52f77c3fc288d2be01a34b5d44f91b3b7ea3d349b8a25752c45*
Thanks,
George
On 2020-12-23 6:00 a.m.,
he transfer_pin callback
functions, or should it already contain a value when
ENGINE_load_private_key is called?
Is there a way to skip the callback transfer_pin and use a hard coded
pin for test purposes when calling ENGINE_load_private_key(...)?
Thanks!
George
On 2020-12-19 8:05 p.m., Jan
N=*"
OpenSSL> x509 -engine pkcs11 -signkey
"pkcs11:object=Authentication - *;type=private;pin-value=123456"
-keyform engine -in req2.pem -out cert2.pem
Thanks,
George
On 2020-12-18 3:40 a.m., Jan Just Keijser wrote:
Hi,
On 18/12/20 06:21, G
ctrl_cmd_string(pkey_engine, "LIST_ADD", "1", 0);
ENGINE_ctrl_cmd_string(pkey_engine, "LOAD", NULL, 0);
ENGINE_ctrl_cmd_string(pkey_engine, "MODULE_PATH",
pkcs11MiddlewareLibrary, 0);
ENGINE_set_default(pkey_engine, ENGINE_METHOD_ALL);
Thanks!
George
Ok. So I use the libp11 project DLL file for the SO_PATH and my smart
card middleware DLL for the MODULE_PATH when setting up the OpenSSL Engine?
Thanks,
George
On 2020-12-17 3:22 a.m., Jan Just Keijser wrote:
Hi,
On 16/12/20 20:26, George wrote:
Hi,
I've been looking at the co
ey_engine, "LOAD", NULL, 0);
Do you see anything wrong with this?
Thanks,
George
On 2020-12-15 4:38 a.m., Jan Just Keijser wrote:
Hi,
On 14/12/20 21:01, George wrote:
Ok, so I am not actually going to populate EVP_PKEY with a private
key in the callback function:
int (*clien
ually have a private key, should I use something else?
Thanks,
George
On 2020-12-14 12:59 p.m., Michael Wojcik wrote:
You can't get the private key from the smartcard. Instead, you have to let the
engine do the encryption. I don't know what ENGINE_load_private_key actually
does - in
was not possible to get a private key from a smart card?
Once I have pkey, do I simply use it within the /client_cert_cb/
callback function?
Thanks,
George
On 2020-12-14 10:58 a.m., Michael Wojcik wrote:
From: openssl-users On Behalf Of George
Sent: Monday, 14 December, 2020 08:15
Thanks
mpile/work with Visual Studio in Windows?
Are there any other ways to get the Smart Card to work without needing
to install additional software?
Thanks!
George
On 2020-12-14 3:51 a.m., Jan Just Keijser wrote:
Hi,
On 14/12/20 08:08, George wrote:
Hi,
I'm new to OpenSSL and am trying
Card.
Does anyone know how I can get around this problem?
Thanks,
George
Yes, indeed I don't want to take into account the CN, only the SANs. Thanks
for the extra flag and all the clarifications!
Best regards,
Theodor
>
>
> > > > For now I am using X509_VERIFY_PARAM_set1_host with
> SSL_CTX_set1_param to
> > > > do this specific check.
> > >
> > > That's the sligh
> I am writing a SSL/TLS client (using Boost.Beast but underlying it's using
> OpenSSL) and although I have set on the SSL context the 'verify_peer'
flag,
> there is no verification to prove the server presents an X509 which
> contains in the Subject Alternative Names the hostname of that server.
>
I am writing a SSL/TLS client (using Boost.Beast but underlying it's using
OpenSSL) and although I have set on the SSL context the 'verify_peer' flag,
there is no verification to prove the server presents an X509 which
contains in the Subject Alternative Names the hostname of that server.
As this
p.
G.
-Original Message-
From: Michel [mailto:msa...@paybox.com]
Sent: 03 November 2011 14:10
To: openssl-users@openssl.org
Cc: Shaw Graham George
Subject: Re: Empty CA name list in Certificate Request in 0.9.8e
Hi George,
didn't you forget a call to :
SSL_CTX_set_client_CA_list()
27;d prefer to patch the 0.9.8e code, before moving to a more recent
version.
Best regards,
George Shaw.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
L IB$SHLIB_SUFFIX; ln -s $prev $SHLIB$SHLIB_SUFFIX ); fi; fi; \
fi;
system DLTSRVPGM SRVPGM(OPENSSL/libssl)
CPF2105: Object LIBSSL in OPENSSL type *SRVPGM not found.
ssl/*.o does not link to a module object
GMAKE[1]: Leaving directory `/home/qsecofr/openssl-0.9.8e'
On Tue, Apr 6,
nal Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Shaw Graham George
Sent: 06 April 2010 10:53
To: openssl-users@openssl.org
Subject: RE: OpenSSL on IBMi
-c is an option, not an argument, so I think you'll find that the
problem is that
ive
environment to create libraries on top of it which will be used by ILE
Code. I believe that I won't be able to use PASE libraries in native
environment, right?
Pankaj
On Tue, Apr 6, 2010 at 1:20 PM, Shaw Graham George
wrote:
OK, one step forward. I guess that previous
I get the IBM tools for
> CCSID 37?
>
> I tried to set the QIBM_CSSID variable in qsh environment to 1200, but
> the extracted openssl files still have CCSID of 37.
>
> Pankaj
>
>
> On Sun, Apr 4, 2010 at 8:23 PM, Shaw Graham George
wrote:
>>
>> You should rea
AKE not found.
GMAKE: *** [links] Error 1
$
I have set the PATH environment variable as follows :
/qibm/ProdData/DeveloperTools/qsh/bin/:/usr/bin:.:/QOpenSys/usr/bin
I am using the old perl binaries for OS400 from CPAN site.
Any idea where the problem is?
On Sun, Apr 4, 2010 at 3:08 PM, Shaw Graham Geo
http://rt.openssl.org/Ticket/Display.html?id=1565&user=guest&pass=guest
Only for 0.9.8e, though.
G.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Pankaj Aggarwal
Sent: 04 April 2010 10:05
To: openssl-users@openssl.org
Sub
No, this is the output from "openssl x509 -text", but without "-nameopt utf8",
which has no effect on the output anyway.
G.
-Original Message-
From: dry...@sky-haven.net [mailto:dry...@sky-haven.net]
Sent: 19 November 2009 17:16
To: Shaw Graham George
Sub
t: 19 November 2009 13:24
To: openssl-users@openssl.org
Subject: Re: Creating a certificate with Unicode characters in Issuer
andSubject
On Thu, Nov 19, 2009, Shaw Graham George wrote:
> Hi,
>
> I have a requirement to make some test keys/certificates that contain
> Unicode (Chinese) da
the manual pages
it seems that UTF-8 is supported, but not Unicode - for example the
config man page says that null characters in strings is not allowed.
If not, then does anybody know of any other tools that I could use to
make my test keys/certificates.
Thanks in advanc
What remote application or software is it that is generating these errors?
Is it Java?
G.
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Biswatosh
Sent: 03 August 2009 15:32
To: openssl-users@openssl.org
Subject: Fw: Help
Is the server IIS?
And do you get all of the response?
Because IIS doesn't necessarily close SSL connections in a tidy manner -
it can give SSL_ERROR_SYSCALL.
G.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of chithuanand
you very much,
Kind regards,
George Ping
Hi,
I'm no Linux guru but this worked for me (or rather it's equivalent).
To ensure that you link to your development libraries:
g++ -o tls-srv main.o /home/dev/openssl-0.9.8d/lib/libssl.so.0.9.8
/home/dev/openssl-0.9.8d/lib/libcrypto.so.0.9.8
... and then use LD_LIBRARY_PATH in your run-time t
http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html?
G.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Yolanda Craven
Sent: 04 March 2008 17:35
To: openssl-users@openssl.org
Subject: Openssl + cipher
I'm new to using openssl and I ne
Surely http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html.
G.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Baur, Mateus
(Brazil R&D-CL)
Sent: 05 March 2008 12:25
To: openssl-users@openssl.org
Subject: RE: cipher algorithms
Yes, I know yo
You need to open a socket to the proxy server and send it an HTTP
CONNECT request.
If the proxy server sends back an OK reply, then it has opened a socket
to the proxy. After that the proxy acts as a port forwarder, so you can
continue your SSL dialog with the proxy as if it was the SSL server.
Hi,
This may or may not be helpful ... it depends on your code, and what
applications that you are talking to that lead to these errors:
(1) reminds me of a problem that can occur when using OpenSSL against
some Java implementations. You can test it by using openssl s_client or
s_server using th
FYI. I found the problem.
Our build environment had the following environment variable set:
LINK=/manifest:no
Removing this environment variable solved the problems.
G.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shaw Graham George
Sent: 24
I forgot to mention. 0.9.8e.
G.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shaw Graham George
Sent: 24 August 2007 13:40
To: openssl-users@openssl.org
Subject: Problem building Windows 64-bit
Hi,
I've tried to follow the instructio
Hi,
I've tried to follow the instructions in INSTALL.W64 for building
OpenSSL for 64-bit Windows, but while C programs are compiling OK, the
link of the dlls is failing:
link /nologo /subsystem:console /opt:ref /dll /out:out32dll\libeay32.dll
/def:ms/LIBEAY32.def @"C:\Documents and Settings\gshaw
oblem handling unexpected SSL shutdown
Shaw Graham George wrote:
> The problem is that, on Windows at least, my server doesn't appear to
> get the "SSL shutdown notify" packet, for some reason. So, if that is
> to be expected, I'm looking for an alternative way of detec
hat way
Unless somebody has any better ideas ...
G.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darryl Miles
Sent: 15 August 2007 15:40
To: openssl-users@openssl.org
Subject: Re: Problem handling unexpected SSL shutdown
Shaw Graham George wrote:
] On Behalf Of jimmy bahuleyan
Sent: 15 August 2007 14:01
To: openssl-users@openssl.org
Subject: Re: Problem handling unexpected SSL shutdown
jimmy bahuleyan wrote:
> Shaw Graham George wrote:
>> Hi,
>>
>> We have an application that provides HTTPS, either as client or
>> se
f
shutdown?
Or should I check for a shutdown before actually doing the put?
But I would still have thought that the put should return an error if
the socket has been shutdown.
Thanks again,
G.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shaw Graham
Hi,
We have an application that provides HTTPS, either as client or server,
for our customers. At the moment I am doing some testing between our
client and our server, as a result of a problem with one of our
customers, and there is a particular sequence of events, that involves
an unexpected SSL
I only know some basics about SSL, symmetric keys and asymmetric keys, and
I'd greatly appreciate anyone who can shed some light on this question!
My understanding (and feel free to correct anything below here!) is that SSL
transactions between a web browser and a web server involve first a
ha
All,
I am using this script on an AIX box and until an
upgrade it worked just fine.
Now the encryption and decryption is failing with
the block size error. When I look at the encoded encrypted packet it looks like
it is on multiple lines as it was before I added the –A parameter.
I
Hi all,
I am getting the following error message on encrypted
packets. Can someone tell me what they mean and
what I can do to correct the problem. Google did not bring
me any meaningfull results.
The script is running on an AIX box.
openssl enc -d -a -iv 31464F4C4C455431 -des
Help all,
I am trying to use an openssl script on an AIX box to
produce and encrypted packet. This packet will have to be
decrypted by a C# program. I am having any luck in getting
the C# program to decrypt the packet encrypted by
the AIX script.
The Openssl.org documentation stat
All,
If I have learned anything from socket code it is that you
can never be sure if you get a partial or a full packet. The question is
if a packet is encrypted (des3) how do you know you have
received the full packet ?
Obviously you can not check for a string or a delimiter that
Hello,
Is anyone aware of a method for using PKI certificates for authentication
with PHP..?
All suggestions are appreciated...!
Thomas
__
OpenSSL Project http://www.openssl.org
User Support Mai
Title: Message
Hello,
I'm
looking for a primer or how-to on setting up FakeBasicAuth with a Wiki
portal engine running in PHP, with a MySQL backend.
Any
suggestions are greatly appreciated..!
Thomas
Some problems w/reverse DNS prevented posting this until now.
On Wed, Dec 28, 2005 at 07:12:30PM +0100, Dr. Stephen Henson wrote:
> On Wed, Dec 28, 2005, George Garvey wrote:
>
> >I'm having a very similar problem as this one.
> >I have a file I made from data
Some problems w/reverse DNS prevented posting this until now.
On Wed, Dec 28, 2005 at 07:12:30PM +0100, Dr. Stephen Henson wrote:
> On Wed, Dec 28, 2005, George Garvey wrote:
>
> >I'm having a very similar problem as this one.
> >I have a file I made from data
I have to fool around to get the build to work.
Regards and thanks for you
I'm having a very similar problem as this one.
I have a file I made from data sent from an AS2 system. The HTTP
headers before the data are (abbreviated to the S/MIME stuff):
Subject: EDIINTDATA
Message-Id: <[EMAIL PROTECTED]>
Disposition-Notification-To: inXServices
Disposition-Notification-
Hi,
I'm new to OpenSSL, and I'm hoping someone can tell me the easiest/best way
to parse an email address from a X.509 V3 client email cert.
Any suggestions would be appreciated.
Thanks,
Thomas
__
OpenSSL Project
I'm trying to build openssl for the purpose of getting openssh build
for DG-UX 4.20MU07 . I tried to to build 0.97 and 0.98 with the
exact same result and I am getting nowhere. Could anybody point out
what I'm missing ?
The output of make report is in the following:
OpenSSL self-te
Hi,
I'm new to OpenSSL, and I'm hoping someone can tell me the easiest/best way
to parse an email address from a X509 V3 client email cert.
Any suggestions would be appreciated.
Thanks,
Thomas
__
OpenSSL Project
idea what the problem is.
Thanks,
George
r suite the plugin
sends. If it turns out your server's behaviour is within spec, I'll
work to update the plugin.
George
--
[EMAIL PROTECTED]
pgpwdQiKBzMTb.pgp
Description: PGP signature
man gcc
---
George Shaw
Senior Software Engineer
Axway
a Sopra Group company
Tel: +44 (0) 7802 452186
Fax: +44 (0) 1454 299684
email: [EMAIL PROTECTED]
www.axway.com
---
Ce message est exclusivement destiné aux personnes dont le nom figure
ci
tements to the
plugin to learn exactly what's being returned?
George
--
[EMAIL PROTECTED]
pgpZ6eLFt7qV0.pgp
Description: PGP signature
On Mon, Jul 19, 2004 at 07:58:07AM -0600, The Doctor wrote:
> On Mon, Jul 19, 2004 at 09:25:44AM -0400, George Theall wrote:
> > On Sun, Jul 18, 2004 at 08:35:48PM -0600, The Doctor wrote:
> > > On Sun, Jul 18, 2004 at 09:02:22PM -0400, George Theall wrote:
> > > >
On Sun, Jul 18, 2004 at 08:35:48PM -0600, The Doctor wrote:
> On Sun, Jul 18, 2004 at 09:02:22PM -0400, George Theall wrote:
> > On Sun, Jul 18, 2004 at 03:18:48PM -0600, The Doctor wrote:
> > > On Sun, Jul 18, 2004 at 04:50:49PM -0400, George Theall wrote:
> > > >
&
On Sun, Jul 18, 2004 at 03:18:48PM -0600, The Doctor wrote:
> On Sun, Jul 18, 2004 at 04:50:49PM -0400, George Theall wrote:
> >
> > Check whether there's a line such as "srv_features:127.0.0.1 S" in your
> > mail server's access DB -- that disables S
R_HELLO:unknown
> protocol:s23_clnt.c:478:
Check whether there's a line such as "srv_features:127.0.0.1 S" in your
mail server's access DB -- that disables STARTTLS when the connecting
client is 127.0.0.1.
George
--
[EMAIL PROTECTED]
pgpPvuvz9f1qs.pgp
Description: PGP signature
return values in the range -128 to 127. This
is a problem when the values are sign extended by getc.
(Isn't the C "standard" fun.)
George Rogers
At 10:59 AM 6/30/2004 -0400, you wrote:
There might not BE a definition of getc since it returns
an int and the default is to return an int.
= 30# how long before next CRL
The parameter "default_days" specifies how many days certificates last
by default; that's what you want to change.
"default_crl_days" refers to the Certificate Revocation List (CRL). You
probably want to leave that short,
] Invalid method of request
\x80F\x01\x03
The
address 172.16.250.10 is completely different from those, which there are in our
network. I guess that is the problem.
If
I change the address for the correct in httpd.conf what should I
reinstall?
Thank
you in advance.
George
Scienton
Dear Friends, Bellow I described my PROBLEM. Please help me. I tried Apache with SSL (both HTTP and HTTPS protocols). 1. ./apachectl stop2. ./apachectl startssl Apache/1.3.29 mod_ssl/2.8.16 (Pass Phrase Dialog) Some of your private key files are encrypted for security reason
nd
it. This solution entails that you are able to influence all users of
the system to impose a registry change. If you can't do this, then the
solution is void and you must find another way to load balance.
Hope this helps.
George
> Nicolas Laigle wrote:
>
> Hi everybody,
>
I am getting an error from SSL_CTX_use_certificate_file. I am getting
33558531 error:02001003:system library:fopen:No such process. Does anyone
know what this means?
Thanks George
__
OpenSSL Project
I am getting an error from SSL_CTX_use_certificate_file.
I am getting 33558531 error:02001003:system library:fopen:No such process.
Does anyone know what this means?
Thanks
George
__
OpenSSL Project
Hi,
SSL_pending() returns the number of bytes in the SSL buffer that have been
decrypted by not requested by SSL_read(). This will occur when there is a
mismatch between the number of bytes requested by SSL_read() and the block
size used to encrypt/decrypt the data.
SSL_ERROR_WANT_READ (and SSL
You can use Anonymous Diffie-Hellman cipher, which is excluded from the
default cipher list. But beware ... this will not stop a man-in-the-middle
attack. You should look at the set cipher functions in the manual pages.
G.
-Original Message-
From: Petr Knez [mailto:[EMAIL PROTECTED]]
every 64 bytes, but still no success. I am having trouble finding
information on the formating of the private key file in OpenSSL "file.pem" and
would appreciate any help in this
area.
Thank you,
George
ng something incorrectly... I don't see it though.
I am calling this from C++ so I have to do lots of casting to get the
function pointers to be accepted in the first call, but I'm not sure that has
anything to do with it.
--
George Staikos
_
==
George Ascione, Technology and Support
[EMAIL PROTECTED]
LightHouse Hosting LLC.
121 Commons Way Toll Free: (877) 465-HOST
Princeton New Jersey. 08540Fax: (609) 688-0907
http
Screw the latest versions...
I fixed this by downgrading to:
Crypt-SSLeay-0.22
and libwww-perl-5.51
For Solaris 2.7 perl 5.6.1 and for Linux RedHat 6.2 perl 5.005_03
What a complete waste of 2 days.
- George
-Original Message-
From: Joshua Chamas [mailto:[EMAIL PROTECTED]]
Sent
:
lwp-request https://laborla.zeborg.com/
I am using Solaris 2.7 and openssl .96b.
Thanks for your help!!
- George
George Richman
Zeborg, Inc.
1801 Century Park East, Suite 120
Los Angeles, CA 90067
t: 310.499.6057
f: 310.499.6001
www.zeborg.com
This message is a personal and confidential
am living proof that applications
people make poor system mechanics.
And thanks, Alex ... way across the seas (and a continent) in Germany!
George
--
George Walsh,
Managing Director,
Travel Seewise Pacific Corp
Vancouver Canada
_
Do I
really need to do an SSL_shutdown?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Ma
w.ibm.com and
wellsfargo.com). The .der files were extracted from Netscape's cert7.db. If
there are secrets in these files, then I think these guys are all in trouble
because I have them too now. :)
--
George Staikos
ARGH forgot to attach them. Here they are
Untars into cert/
--
George Staikos
certproblems.tgz
On Wednesday 25 July 2001 05:55, Jean-Marc Desperrier wrote:
> George Staikos wrote:
> > On Tuesday 24 July 2001 20:26, George Staikos wrote:
> > >I've been noticing many problems with some new certificates which
> > > are being issued by Entrust and Verisign.
ed to $CC or $CXX depending on wheter your using C++.
>
>edit the make files or do a make distclean and Configure with
>LD=$CC ./configure...
>
>
>Good Luck,
>
>--
>Boyd Gerber <[EMAIL PROTECTED]>
>ZENEZ 3748 Valley Forge Road, Magna Utah 84044
>Office 801-
ECTED]]
Sent: 10 July 2001 21:04
To: '[EMAIL PROTECTED]'
Subject: Re: Return code from SSL_write
On Tue, Jul 10, 2001 at 03:55:24PM +0100, Shaw, George wrote:
> I'm encountering a problem with SSL_write when writing a large amount of
> data (about 1Mb) using non-blocking sockets.
&
Hi,
I'm encountering a problem with SSL_write when writing a large amount of
data (about 1Mb) using non-blocking sockets.
For smaller amounts of data (about 1kb), the return code (bytes written)
what you would expect.
For the larger amount of data, the return code is -1. When checking
SSL_get_
How do you generate a CRL with the openssl tool?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
How do you generate a CRL with the openssl tool?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
How do I let my server accept certificates from multiple trusted
authorities? Do I combine the certificates into one big file?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support
?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
mean and why is
the certificate considered OK.
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Au
I am "oring" these two constants together in my call to
SSL_CTX_set_verify(). It still doesn't prevent the client from continuing.
Do you have any other suggestions?
Thanks,
George
George,
On the server side, in your call to SSL_CTX_set_verify(), you have two
choices
the
SSL_write fails because the server has failed. How can I stop the client
before attempting to write to the server. Shouldn't the client fail on its
connect if the handshake is not successful on both ends.
Thanks,
G
alert Level
BA alert description
I thought that Alert level would be 01 or 02, and that Alert Description
would be a documented value?
Has anyone ever seen an alert like this? If so, how is it decoded?
Thanks,
George
1 - 100 of 130 matches
Mail list logo