Re: someone in the UK phone Andy pls
Or how about un-subscribing him? At 04:59 PM 9/12/2002 +0200, Jose Correia (J) wrote: and tell him to phone someone at his company to disable his auto-response thingy. Otherwise we are going to end up with hundreds of these things...!! Thanks Jose -- --- This e-mail and its attachments may contain information that is confidential and that may be subject to legal privilege and copyright. If you are not the intended recipient you may not peruse, use, disclose, distribute, copy or retain this message. If you have received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and return and thereafter destroy the original message. Please note that e-mails are subject to viruses, data corruption, delay, interception and unauthorised amendment, and that the sender does not accept liability for any damages that may be incurred as a result of communication by e-mail. No employee or intermediary is authorised to conclude a binding agreement on behalf of the sender by e-mail without express written confirmation by a duly authorised representative of the sender. By transmitting this e-mail message over the Internet the sender does not intend to allow the contents hereof to become part of the public domain, and the confidential nature of the contents shall not be altered or diminished from by such transmission. -- --- __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
how to sign cert for IE SSL proof of concept?
I'm trying to duplicate the recent IE SSL issues, but all I have is a exported server key from an IIS server to sign with. Given the 3 formats you can do this in: DER encoded x.509 Base-64 encoded x.509 PKCS #7 How could I then use these formats to sign a CSR an illustrate the flaw? Yes, these are my keys, and yes I'm RTFM'ing, but the info doesn't seem readily available. Thanks -Mike __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Anyone used OC4J with OpenSSL certs?
[Oracle Container for Java is a Java web server, similar to Tomcat] This is probably more of an oc4j question, but it deals with cryptography/OpenSSL so I was hoping for some input from folks who may have encountered this. If nothing else, it will be nice to have in the archives for those who use OpenSSL in lieu of other tools. [BTW, many thanks to the OpenSSL dev team--very straightforward and functional.] I'm working on an intranet that will use SSL/Client certs for certain authentications. I've set up our own CA using OpenSSL, and have successfully issued server and client certs that work via IIS and Apache (mod_ssl). We've made SSL work on a development workstation via OC4j using a Thawte test cert. However, we can't get our OpenSSL CA certs to work. We have successfully imported our CA root into his cacerts file using the java keytool. However when you hit the OC4J site, the browser has no certificates to choose from in the Client Authentication box. Again, I've made the same certificates work in IIS and Apache. My hunch is that oc4j is not picking up our custom CA (even though keytool -list on the cacerts keystore lists us right along side thawte, verisign, etc) so the browser has no legitimate client certs to choose from (this is the way it works isn't it?). The second problem is that I cant seem to get OC4j to like a web server SSL key Ive generated and signed with our own CA. After importing using keytool, a keytool list only shows the imported key as trustedCertEntry and not a keyEntry. Thanks for any and all input. -Mike __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
