cost. It will be interesting to watch how
the library evolves over the next decade.
Cheers
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
). In the case of Python, for example, there is a
boost library designed specifically for that purpose. From my
perspective, that is not a big problem. Rather, it is just one of
countless things I routinely have to deal with: just the cost of
getting things done.
Cheers
Ted
--
R.E.(Ted) By
tell it to look at any traffic on port 8443 (or
between my workstation and a specific ip address), as well as to let
me see the data in plain text rather than hex?
Thanks
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
__
OpenSSL Projec
be used to help Wireshark provide
more useful information; but I have no idea how to tell Wireshark to
use them, if in fact using them would be useful (I started working
with Wireshark this past Friday).
Thanks
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
__
On Fri, Apr 11, 2014 at 6:50 PM, Geoffrey Coram wrote:
> On 04/11/2014 14:46, Ted Byers wrote:
>>
>> And guess what I just found. ;-) Amazon has special discounts for
>> icropayments and nonproft organizations. I do not know if you're a
>> 501(c)3 non-profit
Thanks Jeff,
On Fri, Apr 11, 2014 at 4:54 PM, Jeffrey Walton wrote:
> On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers wrote:
>> On Fri, Apr 11, 2014 at 1:23 PM, Steve Marquess
>> wrote:
>>> ...
>>
>> Have you checked out Google and Amazon's payment services?
On Fri, Apr 11, 2014 at 2:20 PM, Ted Byers wrote:
>
> Have you checked out Google and Amazon's payment services? I have
> heard they exist, but haven't checked them out for cost (I may do so,
> and soon, as the Canadian bank's support for ecommerce leaves
> everyth
nadian bank's support for ecommerce leaves
everything to be desired: try finding any documentation for their API,
or even if they have such an API, for any of the big 5 in Canada).
Cheers
Ted
Cheers
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
__
Thanks Patrick.
Apache lounge already has a patched release released. So, once I deploy
that, and get my certificates reissued, I ought to be OK.
Thanks
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
On Wed, Apr 9, 2014 at 8:37 AM, Eisenacher, Patrick <
patrick.eisenac...@bdr.de> wrote:
&g
k?
I get the heartbeating message on both unpatched and patched servers.
Should that make me worry about the patched machines?
Thanks
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
On Wed, Apr 9, 2014 at 9:54 AM, Salz, Rich wrote:
> Ø How do I determine whether or not the web servers I run are
introducing other risks? If so, how?
Also, could the security keys we bought have been compromised?
Any advice on how I can protect my servers better would be appreciated.
Thanks
Ted
--
R.E.(Ted) Byers, Ph.D.,Ed.D.
On Mon, Apr 7, 2014 at 4:31 PM, OpenSSL wrote:
> -BEGIN PGP SIG
I have been working through a tutorial that talks about the use of
openssl, creating root, intermediate, and signing CAs. While the
front page mentions RAs, it says nothing about how they fit, as one is
creating CAs, and crts. The only thing that it says is that an RA may
be the same as a CA. Bu
I found the following using Google.
===begin quote===
IETF PKIX (latest version RFC 5280) is a well accepted profile for
certificates. From section 4.1.2.4, the following fields must be
supported (I've added between parenthesis is the OpenSSL long and
optional short name):
country (countr
I have been working through the tutorial at
http://pki-tutorial.readthedocs.org/en/latest/
There are a number of things that aren't clear.
1) Am I right in assuming that the various commands in that tutorial
can be performed as an ordinary user in a working directory in that
user's home directory
I found a Linux FAQ dealing with this subject, but it is very dated
(11.5 years old) and I do not know how much has changed since it was
last updated. While I am a programmer, I am looking only to use
openssl to make the certificates and keys I need, and not to create
new programs using openssl (u
I issued the following command (with my own name in place of privkey)
openssl genrsa -out privkey.pem 2048
I then made the csr using
openssl req -new -key privkey.pem -out cert.csr
That is simple enough. But, I need a .key file to deploy on the
server beside the crt files.
If I understand thes
OOPS, Thanks guys.
Sorry about the noise, I clicked the openssl list instead of the
opensuse list by mistake.
Thanks again
Ted
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
I obtained a NAS, with a view toward running MySQL on a sever running
MS Small Business Server 2003 (yes, I know, it is old, but I don't
have authority to upgrade it or wipe it and install Linux on it).
Anyway, the latest version of MySQL will not run on that machine.
Therefore, I intend to run MyS
I installed the 64 bit Opensuse 12.3 (with KDE) on a small, entry
level server. Things generally went flawlessly, with one minor
annoyance.
I get a 'Notification' every few minutes that says, "Authorization
failed" on one line, and "Failed to obtain authentication" on the
next. It gives me only
Hi Jakob
On Fri, May 24, 2013 at 11:57 AM, Jakob Bohm wrote:
> On 5/24/2013 9:47 AM, keshava jm wrote:
>>
> [snip]
> The intended and proper way to do things is:
>
> 1. The CA creates its own private key, which is kept in a very secure
> place (like a computer with no network connections, rigge
There is greater need for precision in what is desired. Doing a
base64 encoding and storing encrypted data are two entirely different
matters, required sometimes in quite different circumstances. I
generally do not bother with encoding as that is not normally needed
in what I do, but a 30 second
I am afraid I have not found adequate documentation that I can use to
guide me in editing the contents of openssl.cnf. The comments within
the file do not tell me enough about good values to use for the
different options that are available.
Here are my objectives:
1) A single certificate authori
that can arise in creating such a system)?
I am hoping someone out there can provide info that would spare me
further God knows how many weeks or months of frustratingly fruitless
searching using Google.
Thanks.
Ted
--
R.E.(Ted) By
efan
>
> [1] https://bitbucket.org/stefanholek/pki-tutorial/issues
>
> --
> Stefan H. Holek
> ste...@epy.co.at
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List
Please consider the following output:
C:\Work>openssl s_client -connect secure.theserver.com:443
Loading 'screen' into random state - done
CONNECTED(00F0)
write:errno=10054
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written
On Wed, Nov 28, 2012 at 3:54 PM, Wim Lewis wrote:
>
> On 28 Nov 2012, at 12:31 PM, Ted Byers wrote:
>> Is it possible to tell openssl where the configuration file is, e.g.
>> by setting an environment variable, without passing a commandline
>> argument?
>
>
> If
The simpler variant of this question, vis how to tell openssl where
the configuration file is, is a FAQ, and I have seen it countless
times over the past few years, as a result of my searches using
Google. However, my present situation is a bit different.
I am developing perl programs that must m
On Mon, Nov 19, 2012 at 9:45 AM, John Zavgren wrote:
> Thomas:
> You make very good suggestions. Of them all (aside from the use of tact in
> approaching the developers :-) ), I think that easy-to-follow code examples
> would improve the openSSL experience more than anything else you identify.
>
On Tue, Nov 13, 2012 at 4:38 PM, alan buxey wrote:
> Hi,
>
> >Nonsense. No-one knows better how the code ought to be working than
> the
> >folk who developed it. I begin with the assumption that all my
> coders are
>
>
> i'd cite the cathedral and the bazaar ...or the 'many eyes make al
On Tue, Nov 13, 2012 at 3:18 PM, alan buxey wrote:
> Hi,
>
> >I am not criticising the documentation for openssl, and will not; but
> I
> >would encourage those who are responsible for maintaining and
> improving
> >openssl to not neglect the documentation. It would be a mistake to
>
On Tue, Nov 13, 2012 at 2:02 PM, Lee Fisher wrote:
> For things that the peer support forum and the existing documentation
> don't cover, you have the source code, which is definitive.
>
> Additionally, there are professional OpenSSL consultants you can use for
> help.
>
> It would be more produc
On Wed, Nov 7, 2012 at 9:20 AM, Graham Leggett wrote:
> What I'm after is the difference between the given date and now so that I can
> construct a max-age value for Cache-Control. At this stage, there doesn't
> seem to be a way to do this in openssl.
>
> Regards,
> Graham
> --
Why does it need
On Thu, Nov 1, 2012 at 1:47 PM, Indtiny s wrote:
> Hi,
> Thanks for the information , actually I need to write simple webserver for
> the android (in the ndk level for some requirement) .
> I have added some new CIPHER suite to the openssl as per our requirement .
> now I need to write simple we
On Wed, Oct 31, 2012 at 12:31 PM, Indtiny s wrote:
> Hi,
>
> Thanks for the suggestion , while browsing about openssl I came across this
> site http://www.rtfm.com/openssl-examples/
>
> which has code for server which is based on the openssl .
>
> Can I use that server code for my simple webserv
On Tue, Sep 11, 2012 at 12:36 PM, John A. Wallace wrote:
> **
>
> I am trying to figure out whether there is any point in using openssl on
> a home LAN between two computers. Would that improve on security in any
> way? Would I be limited in the types of OS connections? I mean, could
> Iconnect
> -Original Message-
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of yyy
> Sent: July-29-12 11:18 AM
> To: openssl-users@openssl.org
> Subject: Re: client server management of client SSL certificates
>
> On 2012
> From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Jason Goldberg
> Sent: July-29-12 9:43 AM
> To:
> Subject: Re: client server management of client SSL certificates
>
Thanks Jason,
> There are Javascript libraries which range from generating key pairs t
> -Original Message-
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of yyy
> Sent: July-29-12 10:09 AM
> To: openssl-users@openssl.org
> Subject: Re: client server management of client SSL certificates
>
> On 2012.07.29. 8:52, Sanford Staab wr
until I started getting replies.
I'll take a look at these sites and see how far they get me. Thanks
Ted
>
> On Jul 25, 2012, at 19:49 , Ted Byers wrote:
>
> > Hi All
> >
> > I just subscribed to this list.
> >
> > I have some familiarity with openss
On Thu, Jul 26, 2012 at 7:20 AM, Florian Rüchel <
florian.ruec...@ruhr-uni-bochum.de> wrote:
> On 26.07.2012 12:57, Tom Browder wrote:
>
>> On Thu, Jul 26, 2012 at 3:45 AM, Marco Molteni (mmolteni)
>> wrote:
>>
>>> Hi,
>>>
>>> there are two open source CA systems I am aware of, although I haven't
On Wed, Jul 25, 2012 at 4:03 PM, Tom Browder wrote:
> On Wed, Jul 25, 2012 at 12:49 PM, Ted Byers wrote:
> > Hi All
>
> Hi, Ted. I, too, have been looking for something like you have. I am
> in the process of creating a Perl program that may be able to help you
> (for
Hi All
I just subscribed to this list.
I have some familiarity with openssl having used it to generate self
signed keys for testing secured web applications (on Apache 2.2),
prior to deployment, at which time my colleagues would buy a server
certificate from one of the usual CAs, such as GoDaddy.
42 matches
Mail list logo