subject:"Using certificate and private key from Windows cert store with OpenSSL"

RE: Using certificate and private key from Windows cert store with OpenSSL

2011-11-02 Thread Andrejs Štrumfs

Hi!

I searched a bit around and came up with this. I used v1.0.0.5 OpenSSL Dlls, 
but if you compile 0.9 with engine enabled, it should work.

function UsePKeyFromCapi(const ASSLCtx: PSSL_CTX; const ACert: PCCERT_CONTEXT): 
Boolean;
var
  CapiEngine: PENGINE;
  EngStatus: Integer;
  ProvLen, ContNameLen: Integer;
  ProvInfo: ^CRYPT_KEY_PROV_INFO;
  ContName: PAnsiChar;
  LKey: PEVP_PKEY;
begin
  f_ENGINE_load_builtin_engines;
  CapiEngine := f_ENGINE_by_id('dynamic');
  Result := True;
  ContNameLen := 0;
  ProvLen := 0;
  ProvInfo := nil;
  ContName := nil;
  LKey := nil;
  try
if CapiEngine  nil then
begin
  EngStatus := f_ENGINE_ctrl_cmd_string(CapiEngine, 'SO_PATH', 
'.\capi.dll', 0);
  if EngStatus  0 then
EngStatus := f_ENGINE_ctrl_cmd_string(CapiEngine, 'LOAD', nil, 0);
  if EngStatus  0 then
EngStatus := f_ENGINE_init(CapiEngine);
  if EngStatus  0 then
f_ENGINE_register_all_complete;
  if (EngStatus  0) and CertGetCertificateContextProperty(ACert, 
CERT_KEY_PROV_INFO_PROP_ID, nil, @ProvLen) then
  begin
ProvInfo := AllocMem(ProvLen);
if CertGetCertificateContextProperty(ACert, CERT_KEY_PROV_INFO_PROP_ID, 
ProvInfo, @ProvLen) then
begin
  ContNameLen := LocaleCharsFromUnicode(DefaultSystemCodePage, 0, 
ProvInfo^.pwszContainerName, -1, nil, 0, nil, nil);
  ContName := AllocMem(ContNameLen);
  LocaleCharsFromUnicode(DefaultSystemCodePage, 0, 
ProvInfo^.pwszContainerName, -1, ContName, ContNameLen, nil, nil)
end;
if f_ENGINE_ctrl_cmd_string(CapiEngine, 'lookup_method', '3', 0)  0 
then
begin
  LKey := f_ENGINE_load_private_key(CapiEngine, ContName, nil, nil);
  if SSL_CTX_use_PrivateKey(ASSLCtx, LKey)  0 then
if SSL_CTX_check_private_key(ASSLCtx)  0 then
  Result := True;
end;
  end;
end;
  finally
f_ENGINE_free(CapiEngine);
if Assigned(ProvInfo) then
  FreeMem(ProvInfo);
if Assigned(ContName) then
  FreeMem(ContName);
if Assigned(LKey) then
  EVP_PKEY_free(LKey);
  end;
end;

 -Original Message-
 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
 us...@openssl.org] On Behalf Of Vladimir Belov
 Sent: Tuesday, November 01, 2011 7:26 PM
 To: openssl-users@openssl.org
 Subject: Re: Using certificate and private key from Windows cert store
 with OpenSSL
 
 
 How to use  some engine API in my program? What is the name of this
 some engine API or engine plug-in?
 
 Please, give a small example or where can I find documentation about
 this?
 Is any documentation on the openssl.org?
 
 --
 From: Jakob Bohm
 Sent: Tuesday, November 01, 2011 8:04 PM
 To: openssl-users@openssl.org
 Subject: Re: Using certificate and private key from Windows cert store
 with OpenSSL
 
 This option is for the OpenSSL API, and I sure hope it would work with
 all the supported Windows Compilers, so you can use it with the
 compiler needed by the rest of your project.
 
 Once compiled in, your code will need to use some engine API
 at your program startup to request use of that engine plug-in, after
 which you should be able to use the Windows Certificate store and
 contents directly.
 
 On 11/1/2011 4:03 PM, Vladimir Belov wrote:
 
  Thanks, I understood that 'enable-capieng' option is a standard
 option
  for Configure (enable/no).
 
  Is this option only for openssl.exe? How will openssl.exe use Windows
  CERT store? Automatically or there is a command of openssl.exe for
 this.
 
  I asked about OpenSSLAPI functions, that will let me to use Windows
  CERT store directly in my own program. Like X509_verify_cert for
  OpenSSL CERT Store.
 
  Or I must manually extract Certificate during handshake, transform
  it(if
  necessary) and give it to WinAPI functions to next verifications of
  certificate with CryptoAPI?
 
 
  -
 -
  -
 
  From: Sergio NNX
  Sent: Monday, October 31, 2011 11:12 PM
  To: openssl-users@openssl.org
  Subject: RE: Using certificate and private key from Windows cert
 store
  with OpenSSL Ciao.
 
  I use MinGW to build OpenSSL and it has always worked very well.
 
  Steps: a)  perl Configure mingw shared enable-capieng --prefix=/mingw
  --openssldir=C:/OpenSSL
 
   b) make
 
  After a while, you'll have openssl.exe and a couple of DLLs. At this
  stage, you'll be able to access Windows Certificate store.
 
  If you're using Windows boxes, I can send you my copy of OpenSSL for
  you to test.
 
  I hope it helps.
 
  Sergio.
 
 
 
  From: ml.vladimbe...@gmail.com
  To: openssl-users@openssl.org
  Subject: Re: Using certificate and private key from Windows cert
  store with OpenSSL
  Date: Mon, 31 Oct 2011 21:40:44 +0400
 
  Sergio, how to set this option building OpenSSL? I didn't find any
  suggestions in documentation. And can you give a link

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Vladimir Belov



Thanks, I understood that 'enable-capieng' option is a standard option for 
Configure (enable/no).


Is this option only for openssl.exe? How will openssl.exe use Windows CERT 
store? Automatically or there is a command of openssl.exe for this.


I asked about OpenSSLAPI functions, that will let me to use Windows CERT 
store directly in my own program. Like X509_verify_cert for OpenSSL CERT 
Store.


Or I must manually extract Certificate during handshake, transform it(if 
necessary) and give it to WinAPI functions to next verifications of 
certificate with CryptoAPI?



---
From: Sergio NNX
Sent: Monday, October 31, 2011 11:12 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store with 
OpenSSL

Ciao.

I use MinGW to build OpenSSL and it has always worked very well.

Steps: a)  perl Configure mingw shared 
enable-capieng --prefix=/mingw --openssldir=C:/OpenSSL


 b) make

After a while, you'll have openssl.exe and a couple of DLLs. At this stage, 
you'll be able to access Windows Certificate store.


If you're using Windows boxes, I can send you my copy of OpenSSL for you to 
test.


I hope it helps.

Sergio.




From: ml.vladimbe...@gmail.com
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store 
with OpenSSL

Date: Mon, 31 Oct 2011 21:40:44 +0400

Sergio, how to set this option building OpenSSL? I didn't find any
suggestions in documentation. And can you give a link to the documentation
on the site openssl.org where there are functions of API to work with
Windows CERT Stores?


From: Sergio NNX
Sent: Monday, October 31, 2011 1:02 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store 
with

OpenSSL
Ciao Andrejs.

I don't know much about the source code you posted previously but if you
build OpenSSL with the 'enable-capieng' option you'll be able to access
every single store and all the certs stored in Windows.

I hope it helps.

Sergio.




__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Jakob Bohm


This option is for the OpenSSL API, and I sure hope it would work
with all the supported Windows Compilers, so you can use it with
the compiler needed by the rest of your project.

Once compiled in, your code will need to use some engine API
at your program startup to request use of that engine plug-in, after
which you should be able to use the Windows Certificate store
and contents directly.

On 11/1/2011 4:03 PM, Vladimir Belov wrote:


Thanks, I understood that 'enable-capieng' option is a standard option 
for Configure (enable/no).


Is this option only for openssl.exe? How will openssl.exe use Windows 
CERT store? Automatically or there is a command of openssl.exe for this.


I asked about OpenSSLAPI functions, that will let me to use Windows 
CERT store directly in my own program. Like X509_verify_cert for 
OpenSSL CERT Store.


Or I must manually extract Certificate during handshake, transform 
it(if necessary) and give it to WinAPI functions to next verifications 
of certificate with CryptoAPI?



--- 


From: Sergio NNX
Sent: Monday, October 31, 2011 11:12 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store 
with OpenSSL

Ciao.

I use MinGW to build OpenSSL and it has always worked very well.

Steps: a)  perl Configure mingw shared enable-capieng --prefix=/mingw 
--openssldir=C:/OpenSSL


 b) make

After a while, you'll have openssl.exe and a couple of DLLs. At this 
stage, you'll be able to access Windows Certificate store.


If you're using Windows boxes, I can send you my copy of OpenSSL for 
you to test.


I hope it helps.

Sergio.




From: ml.vladimbe...@gmail.com
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert 
store with OpenSSL

Date: Mon, 31 Oct 2011 21:40:44 +0400

Sergio, how to set this option building OpenSSL? I didn't find any
suggestions in documentation. And can you give a link to the 
documentation

on the site openssl.org where there are functions of API to work with
Windows CERT Stores?


From: Sergio NNX
Sent: Monday, October 31, 2011 1:02 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert 
store with

OpenSSL
Ciao Andrejs.

I don't know much about the source code you posted previously but if you
build OpenSSL with the 'enable-capieng' option you'll be able to access
every single store and all the certs stored in Windows.

I hope it helps.

Sergio.




__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Vladimir Belov



How to use  some engine API in my program? What is the name of this some 
engine API or engine plug-in?


Please, give a small example or where can I find documentation about this? 
Is any documentation on the openssl.org?


--
From: Jakob Bohm
Sent: Tuesday, November 01, 2011 8:04 PM
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store with 
OpenSSL


This option is for the OpenSSL API, and I sure hope it would work
with all the supported Windows Compilers, so you can use it with
the compiler needed by the rest of your project.

Once compiled in, your code will need to use some engine API
at your program startup to request use of that engine plug-in, after
which you should be able to use the Windows Certificate store
and contents directly.

On 11/1/2011 4:03 PM, Vladimir Belov wrote:


Thanks, I understood that 'enable-capieng' option is a standard option for 
Configure (enable/no).


Is this option only for openssl.exe? How will openssl.exe use Windows CERT 
store? Automatically or there is a command of openssl.exe for this.


I asked about OpenSSLAPI functions, that will let me to use Windows CERT 
store directly in my own program. Like X509_verify_cert for OpenSSL CERT 
Store.


Or I must manually extract Certificate during handshake, transform it(if 
necessary) and give it to WinAPI functions to next verifications of 
certificate with CryptoAPI?



---

From: Sergio NNX
Sent: Monday, October 31, 2011 11:12 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store 
with OpenSSL

Ciao.

I use MinGW to build OpenSSL and it has always worked very well.

Steps: a)  perl Configure mingw shared 
enable-capieng --prefix=/mingw --openssldir=C:/OpenSSL


 b) make

After a while, you'll have openssl.exe and a couple of DLLs. At this 
stage, you'll be able to access Windows Certificate store.


If you're using Windows boxes, I can send you my copy of OpenSSL for you 
to test.


I hope it helps.

Sergio.




From: ml.vladimbe...@gmail.com
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store 
with OpenSSL

Date: Mon, 31 Oct 2011 21:40:44 +0400

Sergio, how to set this option building OpenSSL? I didn't find any
suggestions in documentation. And can you give a link to the 
documentation

on the site openssl.org where there are functions of API to work with
Windows CERT Stores?


From: Sergio NNX
Sent: Monday, October 31, 2011 1:02 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store 
with

OpenSSL
Ciao Andrejs.

I don't know much about the source code you posted previously but if you
build OpenSSL with the 'enable-capieng' option you'll be able to access
every single store and all the certs stored in Windows.

I hope it helps.

Sergio.




__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Jakob Bohm

I actually don't know, but try looking in the source code for the 
openssl.exe

utility and look at what it does with the engine command line option.

On 11/1/2011 6:26 PM, Vladimir Belov wrote:


How to use  some engine API in my program? What is the name of this 
some engine API or engine plug-in?


Please, give a small example or where can I find documentation about 
this? Is any documentation on the openssl.org?


--
From: Jakob Bohm
Sent: Tuesday, November 01, 2011 8:04 PM
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store 
with OpenSSL


This option is for the OpenSSL API, and I sure hope it would work
with all the supported Windows Compilers, so you can use it with
the compiler needed by the rest of your project.

Once compiled in, your code will need to use some engine API
at your program startup to request use of that engine plug-in, after
which you should be able to use the Windows Certificate store
and contents directly.

On 11/1/2011 4:03 PM, Vladimir Belov wrote:


Thanks, I understood that 'enable-capieng' option is a standard 
option for Configure (enable/no).


Is this option only for openssl.exe? How will openssl.exe use Windows 
CERT store? Automatically or there is a command of openssl.exe for this.


I asked about OpenSSLAPI functions, that will let me to use Windows 
CERT store directly in my own program. Like X509_verify_cert for 
OpenSSL CERT Store.


Or I must manually extract Certificate during handshake, transform 
it(if necessary) and give it to WinAPI functions to next 
verifications of certificate with CryptoAPI?



--- 



From: Sergio NNX
Sent: Monday, October 31, 2011 11:12 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert 
store with OpenSSL

Ciao.

I use MinGW to build OpenSSL and it has always worked very well.

Steps: a)  perl Configure mingw shared enable-capieng --prefix=/mingw 
--openssldir=C:/OpenSSL


 b) make

After a while, you'll have openssl.exe and a couple of DLLs. At this 
stage, you'll be able to access Windows Certificate store.


If you're using Windows boxes, I can send you my copy of OpenSSL for 
you to test.


I hope it helps.

Sergio.




From: ml.vladimbe...@gmail.com
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert 
store with OpenSSL

Date: Mon, 31 Oct 2011 21:40:44 +0400

Sergio, how to set this option building OpenSSL? I didn't find any
suggestions in documentation. And can you give a link to the 
documentation

on the site openssl.org where there are functions of API to work with
Windows CERT Stores?


From: Sergio NNX
Sent: Monday, October 31, 2011 1:02 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert 
store with

OpenSSL
Ciao Andrejs.

I don't know much about the source code you posted previously but if 
you

build OpenSSL with the 'enable-capieng' option you'll be able to access
every single store and all the certs stored in Windows.

I hope it helps.

Sergio.




__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Dr. Stephen Henson

On Tue, Nov 01, 2011, Vladimir Belov wrote:

 
 How to use  some engine API in my program? What is the name of
 this some engine API or engine plug-in?
 
 Please, give a small example or where can I find documentation about
 this? Is any documentation on the openssl.org?
 

Note that the ENGINE API currently only accesses keys and not
certificates. The CryptoAPI ENGINE can be used to redirect operations to
private keys stored on Windows.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Vladimir Belov

Thanks for answer, Stephen. Does it mean that if I want to perform 
Certificate Verification with Windows CryptoAPI I must manually extract 
certificate from handshake procedure or get it through callback function, 
change its format (to be compatible with WinAPI functions) and give it to 
WinAPI functions for  next verifications of certificate with Windows 
CryptoAPI?



From: Dr. Stephen Henson
Sent: Tuesday, November 01, 2011 10:45 PM
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store 
with OpenSSL



On Tue, Nov 01, 2011, Vladimir Belov wrote:




 How to use  some engine API in my program? What is the name of
 this some engine API or engine plug-in?

 Please, give a small example or where can I find documentation about
 this? Is any documentation on the openssl.org?




Note that the ENGINE API currently only accesses keys and not
certificates. The CryptoAPI ENGINE can be used to redirect operations to
private keys stored on Windows.



Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-11-01 Thread Jakob Bohm


Or you could use CryptoAPI functions to get the certificates
(not private keys) from CryptoAPI and load them into OpenSSL.

Note that while your original post used the historic CryptoAPI specific
structures for bare RSA keys, which differ a lot from their OpenSSL
counterparts, the CryptoAPI certificate functions (CertXxx) tend to
provide and accept raw DER encoded certificate blobs, which can
also be handled by OpenSSL.

On 11/1/2011 8:13 PM, Vladimir Belov wrote:
Thanks for answer, Stephen. Does it mean that if I want to perform 
Certificate Verification with Windows CryptoAPI I must manually 
extract certificate from handshake procedure or get it through 
callback function, change its format (to be compatible with WinAPI 
functions) and give it to WinAPI functions for  next verifications of 
certificate with Windows CryptoAPI?



From: Dr. Stephen Henson
Sent: Tuesday, November 01, 2011 10:45 PM
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert 
store with OpenSSL



On Tue, Nov 01, 2011, Vladimir Belov wrote:




 How to use  some engine API in my program? What is the name of
 this some engine API or engine plug-in?

 Please, give a small example or where can I find documentation about
 this? Is any documentation on the openssl.org?




Note that the ENGINE API currently only accesses keys and not
certificates. The CryptoAPI ENGINE can be used to redirect operations to
private keys stored on Windows.



Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

RE: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Andrejs Štrumfs

Duh... I was sure these were the needed parts. Now, I tried to call 
CryptExportKey with PRIVATEKEYBLOB flag, and of course it returned error, 
because the certificate was imported to store without Mark as Exportable 
option. But there has to be way to use certificate and private key somehow with 
OpenSSL? I'm really beginner with this certificate thing, maybe I just don't 
understand something? :)

 
 Simple, really:
 
 You have not set the private part of the private key (d, p, q, dmp1,
 dmq1, iqmp).
 
 You need to export the private key from CryptoAPI too, and convert that
 blob, not the public key blob.
 
 Alternatively, I have heard rumors of a CryptoAPI engine plug in for
 OpenSSL which will let OpenSSL directly use the keys and certificates
 stored by Windows.
 
 
 On 10/28/2011 9:48 AM, Andrejs Štrumfs wrote:
  Hi!
 
  I am trying to make a program, that uses some Web Services in Delphi
 XE. To connect to the Web Services, i have to use self signed (hope
 this is correct term) certificate, which is stored in Windows cert
 store. So, i open the cert store with CertOpenSystemStore, get cert
 with CertFindCertificateInStore and set it with
 SSL_CTX_use_certificate. No problem with this. Then i get the public
 key blob with CryptExportKey and make up a private key like this:
 
  function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength:
  Integer; const ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY; var
 modulus: PByte;
 bh: PBLOBHEADER;
 rp: PRSAPUBKEY;
 rsa_modlen: DWORD;
 rsa_modulus: PAnsiChar;
 rkey: PRSA;
  begin
 bh := PBLOBHEADER(AKeyBlob);
 Assert(bh^.bType = PUBLICKEYBLOB);
 rp := PRSAPUBKEY(AKeyBlob + 8);
 Assert(rp.magic = $31415352);
 rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
 rkey := RSA_new_method(ASSLCtx.client_cert_engine);
 rkey^.References := 1;
 rkey^.e := BN_new;
 rkey^.n := BN_new;
 BN_set_word(rkey^.e, rp^.pubexp);
 rsa_modlen := (rp^.bitlen div 8) + 1;
 modulus := AllocMem(rsa_modlen);
 CopyMemory(modulus, rsa_modulus, rsa_modlen);
 RevBuffer(modulus, rsa_modlen);
 BN_bin2bn(modulus, rsa_modlen, rkey^.n);
 Result := EVP_PKEY_new;
 EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey)); end;
 
  and set it up with SSL_CTX_use_PrivateKey and
 SSL_CTX_check_private_key. Also, no problem so far. But then, when data
 transfer begins, i get access violation in libeay32.dll - Access
 violation at address 09881C5F in module 'libeay32.dll'. Read of address
 . If i load the key from .pem file, everything is fine.
 
  The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something
 too - got the same error, just different address.
 
  Below is the RSA structure i get in PrivKeyBlob2RSA:
 
  pad0
  version  0
  meth   $898030C
  engine nil
  n  $A62D508
  e  $A62D4D8
  d  nil
  p  nil
  q  nil
  dmp1   nil
  dmq1   nil
  iqmp   nil
  ex_data (nil, -1163005939 {$BAADF00D}) references  1
  flags  6
  _method_mod_n   nil
  _method_mod_p   nil
  _method_mod_q   nil
  bignum_data nil {#0}
  blindingnil
  mt_blinding nil
 
  I checked the n and e bignums, and they are CORRECT, and everything
  else looks ok. The error happens when calling function ssl_read. I
  can't see what i am doing wrong, please help :) Thanks
 
  Andrejs
 
 
 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing Listopenssl-users@openssl.org
 Automated List Manager   majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Jakob Bohm

In that case look for the CryptoAPI engine for openssl, not sure of its 
official name though.


On 10/29/2011 8:21 AM, Andrejs Štrumfs wrote:

Duh... I was sure these were the needed parts. Now, I tried to call 
CryptExportKey with PRIVATEKEYBLOB flag, and of course it returned error, 
because the certificate was imported to store without Mark as Exportable 
option. But there has to be way to use certificate and private key somehow with 
OpenSSL? I'm really beginner with this certificate thing, maybe I just don't 
understand something? :)


Simple, really:

You have not set the private part of the private key (d, p, q, dmp1,
dmq1, iqmp).

You need to export the private key from CryptoAPI too, and convert that
blob, not the public key blob.

Alternatively, I have heard rumors of a CryptoAPI engine plug in for
OpenSSL which will let OpenSSL directly use the keys and certificates
stored by Windows.


On 10/28/2011 9:48 AM, Andrejs Štrumfs wrote:

Hi!

I am trying to make a program, that uses some Web Services in Delphi

XE. To connect to the Web Services, i have to use self signed (hope
this is correct term) certificate, which is stored in Windows cert
store. So, i open the cert store with CertOpenSystemStore, get cert
with CertFindCertificateInStore and set it with
SSL_CTX_use_certificate. No problem with this. Then i get the public
key blob with CryptExportKey and make up a private key like this:

function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength:
Integer; const ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY; var
modulus: PByte;
bh: PBLOBHEADER;
rp: PRSAPUBKEY;
rsa_modlen: DWORD;
rsa_modulus: PAnsiChar;
rkey: PRSA;
begin
bh := PBLOBHEADER(AKeyBlob);
Assert(bh^.bType = PUBLICKEYBLOB);
rp := PRSAPUBKEY(AKeyBlob + 8);
Assert(rp.magic = $31415352);
rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
rkey := RSA_new_method(ASSLCtx.client_cert_engine);
rkey^.References := 1;
rkey^.e := BN_new;
rkey^.n := BN_new;
BN_set_word(rkey^.e, rp^.pubexp);
rsa_modlen := (rp^.bitlen div 8) + 1;
modulus := AllocMem(rsa_modlen);
CopyMemory(modulus, rsa_modulus, rsa_modlen);
RevBuffer(modulus, rsa_modlen);
BN_bin2bn(modulus, rsa_modlen, rkey^.n);
Result := EVP_PKEY_new;
EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey)); end;

and set it up with SSL_CTX_use_PrivateKey and

SSL_CTX_check_private_key. Also, no problem so far. But then, when data
transfer begins, i get access violation in libeay32.dll - Access
violation at address 09881C5F in module 'libeay32.dll'. Read of address
. If i load the key from .pem file, everything is fine.

The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something

too - got the same error, just different address.

Below is the RSA structure i get in PrivKeyBlob2RSA:

pad0
version  0
meth   $898030C
engine nil
n  $A62D508
e  $A62D4D8
d  nil
p  nil
q  nil
dmp1   nil
dmq1   nil
iqmp   nil
ex_data (nil, -1163005939 {$BAADF00D}) references  1
flags  6
_method_mod_n   nil
_method_mod_p   nil
_method_mod_q   nil
bignum_data nil {#0}
blindingnil
mt_blinding nil

I checked the n and e bignums, and they are CORRECT, and everything
else looks ok. The error happens when calling function ssl_read. I
can't see what i am doing wrong, please help :) Thanks

Andrejs


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

RE: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Sergio NNX


Ciao Andrejs.

I don't know much about the source code you posted previously but if you build 
OpenSSL with the 'enable-capieng' option you'll be able to access every single 
store and all the certs stored in Windows.

I hope it helps.

Sergio.


 Date: Mon, 31 Oct 2011 09:44:11 +0100
 From: jb-open...@wisemo.com
 To: openssl-users@openssl.org
 Subject: Re: Using certificate and private key from Windows cert store with 
 OpenSSL
 
 In that case look for the CryptoAPI engine for openssl, not sure of its 
 official name though.
 
 On 10/29/2011 8:21 AM, Andrejs Štrumfs wrote:
  Duh... I was sure these were the needed parts. Now, I tried to call 
  CryptExportKey with PRIVATEKEYBLOB flag, and of course it returned error, 
  because the certificate was imported to store without Mark as Exportable 
  option. But there has to be way to use certificate and private key somehow 
  with OpenSSL? I'm really beginner with this certificate thing, maybe I just 
  don't understand something? :)
 
  Simple, really:
 
  You have not set the private part of the private key (d, p, q, dmp1,
  dmq1, iqmp).
 
  You need to export the private key from CryptoAPI too, and convert that
  blob, not the public key blob.
 
  Alternatively, I have heard rumors of a CryptoAPI engine plug in for
  OpenSSL which will let OpenSSL directly use the keys and certificates
  stored by Windows.
 
 
  On 10/28/2011 9:48 AM, Andrejs Štrumfs wrote:
  Hi!
 
  I am trying to make a program, that uses some Web Services in Delphi
  XE. To connect to the Web Services, i have to use self signed (hope
  this is correct term) certificate, which is stored in Windows cert
  store. So, i open the cert store with CertOpenSystemStore, get cert
  with CertFindCertificateInStore and set it with
  SSL_CTX_use_certificate. No problem with this. Then i get the public
  key blob with CryptExportKey and make up a private key like this:
  function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength:
  Integer; const ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY; var
  modulus: PByte;
  bh: PBLOBHEADER;
  rp: PRSAPUBKEY;
  rsa_modlen: DWORD;
  rsa_modulus: PAnsiChar;
  rkey: PRSA;
  begin
  bh := PBLOBHEADER(AKeyBlob);
  Assert(bh^.bType = PUBLICKEYBLOB);
  rp := PRSAPUBKEY(AKeyBlob + 8);
  Assert(rp.magic = $31415352);
  rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
  rkey := RSA_new_method(ASSLCtx.client_cert_engine);
  rkey^.References := 1;
  rkey^.e := BN_new;
  rkey^.n := BN_new;
  BN_set_word(rkey^.e, rp^.pubexp);
  rsa_modlen := (rp^.bitlen div 8) + 1;
  modulus := AllocMem(rsa_modlen);
  CopyMemory(modulus, rsa_modulus, rsa_modlen);
  RevBuffer(modulus, rsa_modlen);
  BN_bin2bn(modulus, rsa_modlen, rkey^.n);
  Result := EVP_PKEY_new;
  EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey)); end;
 
  and set it up with SSL_CTX_use_PrivateKey and
  SSL_CTX_check_private_key. Also, no problem so far. But then, when data
  transfer begins, i get access violation in libeay32.dll - Access
  violation at address 09881C5F in module 'libeay32.dll'. Read of address
  . If i load the key from .pem file, everything is fine.
  The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something
  too - got the same error, just different address.
  Below is the RSA structure i get in PrivKeyBlob2RSA:
 
  pad0
  version  0
  meth   $898030C
  engine nil
  n  $A62D508
  e  $A62D4D8
  d  nil
  p  nil
  q  nil
  dmp1   nil
  dmq1   nil
  iqmp   nil
  ex_data (nil, -1163005939 {$BAADF00D}) references  1
  flags  6
  _method_mod_n   nil
  _method_mod_p   nil
  _method_mod_q   nil
  bignum_data nil {#0}
  blindingnil
  mt_blinding nil
 
  I checked the n and e bignums, and they are CORRECT, and everything
  else looks ok. The error happens when calling function ssl_read. I
  can't see what i am doing wrong, please help :) Thanks
 
  Andrejs
 
  __
  OpenSSL Project http://www.openssl.org
  User Support Mailing Listopenssl-users@openssl.org
  Automated List Manager   majord...@openssl.org
  __
  OpenSSL Project http://www.openssl.org
  User Support Mailing Listopenssl-users@openssl.org
  Automated List Manager   majord...@openssl.org
 
 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing Listopenssl-users@openssl.org
 Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Jakob Bohm

Thanks, that was the option I was just suggesting, but I could not 
remember the name.


Thanks for finding the name for me, hope it helps the OP.

On 10/31/2011 10:02 AM, Sergio NNX wrote:

Ciao Andrejs.

I don't know much about the source code you posted previously but if you build 
OpenSSL with the 'enable-capieng' option you'll be able to access every single 
store and all the certs stored in Windows.

I hope it helps.

Sergio.



Date: Mon, 31 Oct 2011 09:44:11 +0100
From: jb-open...@wisemo.com
To: openssl-users@openssl.org
Subject: Re: Using certificate and private key from Windows cert store with 
OpenSSL

In that case look for the CryptoAPI engine for openssl, not sure of its
official name though.

On 10/29/2011 8:21 AM, Andrejs Štrumfs wrote:

Duh... I was sure these were the needed parts. Now, I tried to call 
CryptExportKey with PRIVATEKEYBLOB flag, and of course it returned error, 
because the certificate was imported to store without Mark as Exportable 
option. But there has to be way to use certificate and private key somehow with 
OpenSSL? I'm really beginner with this certificate thing, maybe I just don't 
understand something? :)


Simple, really:

You have not set the private part of the private key (d, p, q, dmp1,
dmq1, iqmp).

You need to export the private key from CryptoAPI too, and convert that
blob, not the public key blob.

Alternatively, I have heard rumors of a CryptoAPI engine plug in for
OpenSSL which will let OpenSSL directly use the keys and certificates
stored by Windows.


On 10/28/2011 9:48 AM, Andrejs Štrumfs wrote:

Hi!

I am trying to make a program, that uses some Web Services in Delphi

XE. To connect to the Web Services, i have to use self signed (hope
this is correct term) certificate, which is stored in Windows cert
store. So, i open the cert store with CertOpenSystemStore, get cert
with CertFindCertificateInStore and set it with
SSL_CTX_use_certificate. No problem with this. Then i get the public
key blob with CryptExportKey and make up a private key like this:

function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength:
Integer; const ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY; var
 modulus: PByte;
 bh: PBLOBHEADER;
 rp: PRSAPUBKEY;
 rsa_modlen: DWORD;
 rsa_modulus: PAnsiChar;
 rkey: PRSA;
begin
 bh := PBLOBHEADER(AKeyBlob);
 Assert(bh^.bType = PUBLICKEYBLOB);
 rp := PRSAPUBKEY(AKeyBlob + 8);
 Assert(rp.magic = $31415352);
 rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
 rkey := RSA_new_method(ASSLCtx.client_cert_engine);
 rkey^.References := 1;
 rkey^.e := BN_new;
 rkey^.n := BN_new;
 BN_set_word(rkey^.e, rp^.pubexp);
 rsa_modlen := (rp^.bitlen div 8) + 1;
 modulus := AllocMem(rsa_modlen);
 CopyMemory(modulus, rsa_modulus, rsa_modlen);
 RevBuffer(modulus, rsa_modlen);
 BN_bin2bn(modulus, rsa_modlen, rkey^.n);
 Result := EVP_PKEY_new;
 EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey)); end;

and set it up with SSL_CTX_use_PrivateKey and

SSL_CTX_check_private_key. Also, no problem so far. But then, when data
transfer begins, i get access violation in libeay32.dll - Access
violation at address 09881C5F in module 'libeay32.dll'. Read of address
. If i load the key from .pem file, everything is fine.

The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something

too - got the same error, just different address.

Below is the RSA structure i get in PrivKeyBlob2RSA:

pad0
version  0
meth   $898030C
engine nil
n  $A62D508
e  $A62D4D8
d  nil
p  nil
q  nil
dmp1   nil
dmq1   nil
iqmp   nil
ex_data (nil, -1163005939 {$BAADF00D}) references  1
flags  6
_method_mod_n   nil
_method_mod_p   nil
_method_mod_q   nil
bignum_data nil {#0}
blindingnil
mt_blinding nil

I checked the n and e bignums, and they are CORRECT, and everything
else looks ok. The error happens when calling function ssl_read. I
can't see what i am doing wrong, please help :) Thanks

Andrejs


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Vladimir Belov

Sergio, how to set this option building OpenSSL? I didn't find any 
suggestions in documentation. And can you give a link to the documentation 
on the site openssl.org where there are functions of API to work with 
Windows CERT Stores?

From: Sergio NNX
Sent: Monday, October 31, 2011 1:02 PM
To: openssl-users@openssl.org
Subject: RE: Using certificate and private key from Windows cert store with 
OpenSSL

Ciao Andrejs.

I don't know much about the source code you posted previously but if you 
build OpenSSL with the 'enable-capieng' option you'll be able to access 
every single store and all the certs stored in Windows.

I hope it helps.

Sergio.

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

RE: Using certificate and private key from Windows cert store with OpenSSL

2011-10-31 Thread Sergio NNX


Ciao.

I use MinGW to build OpenSSL and it has always worked very well.

Steps: a)  perl Configure mingw shared enable-capieng --prefix=/mingw 
--openssldir=C:/OpenSSL

  b) make

After a while, you'll have openssl.exe and a couple of DLLs. At this stage, 
you'll be able to access Windows Certificate store.

If you're using Windows boxes, I can send you my copy of OpenSSL for you to 
test.

I hope it helps.

Sergio. 


 From: ml.vladimbe...@gmail.com
 To: openssl-users@openssl.org
 Subject: Re: Using certificate and private key from Windows cert store with 
 OpenSSL
 Date: Mon, 31 Oct 2011 21:40:44 +0400
 
 Sergio, how to set this option building OpenSSL? I didn't find any 
 suggestions in documentation. And can you give a link to the documentation 
 on the site openssl.org where there are functions of API to work with 
 Windows CERT Stores?
 
 
 From: Sergio NNX
 Sent: Monday, October 31, 2011 1:02 PM
 To: openssl-users@openssl.org
 Subject: RE: Using certificate and private key from Windows cert store with 
 OpenSSL
 Ciao Andrejs.
 
 I don't know much about the source code you posted previously but if you 
 build OpenSSL with the 'enable-capieng' option you'll be able to access 
 every single store and all the certs stored in Windows.
 
 I hope it helps.
 
 Sergio.
 
 
 
 
 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing Listopenssl-users@openssl.org
 Automated List Manager   majord...@openssl.org

Using certificate and private key from Windows cert store with OpenSSL

2011-10-28 Thread Andrejs Štrumfs

Hi!

I am trying to make a program, that uses some Web Services in Delphi XE. To 
connect to the Web Services, i have to use self signed (hope this is correct 
term) certificate, which is stored in Windows cert store. So, i open the cert 
store with CertOpenSystemStore, get cert with CertFindCertificateInStore and 
set it with SSL_CTX_use_certificate. No problem with this. Then i get the 
public key blob with CryptExportKey and make up a private key like this:

function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength: Integer; const 
ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY;
var
  modulus: PByte;
  bh: PBLOBHEADER;
  rp: PRSAPUBKEY;
  rsa_modlen: DWORD;
  rsa_modulus: PAnsiChar;
  rkey: PRSA;
begin
  bh := PBLOBHEADER(AKeyBlob);
  Assert(bh^.bType = PUBLICKEYBLOB);
  rp := PRSAPUBKEY(AKeyBlob + 8);
  Assert(rp.magic = $31415352);
  rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
  rkey := RSA_new_method(ASSLCtx.client_cert_engine);
  rkey^.References := 1;
  rkey^.e := BN_new;
  rkey^.n := BN_new;
  BN_set_word(rkey^.e, rp^.pubexp);
  rsa_modlen := (rp^.bitlen div 8) + 1;
  modulus := AllocMem(rsa_modlen);
  CopyMemory(modulus, rsa_modulus, rsa_modlen);
  RevBuffer(modulus, rsa_modlen);
  BN_bin2bn(modulus, rsa_modlen, rkey^.n);
  Result := EVP_PKEY_new;
  EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey));
end;

and set it up with SSL_CTX_use_PrivateKey and SSL_CTX_check_private_key. Also, 
no problem so far. But then, when data transfer begins, i get access violation 
in libeay32.dll - Access violation at address 09881C5F in module 
'libeay32.dll'. Read of address . If i load the key from .pem file, 
everything is fine.

The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something too - got 
the same error, just different address.

Below is the RSA structure i get in PrivKeyBlob2RSA:

pad0
version  0
meth   $898030C
engine nil
n  $A62D508
e  $A62D4D8
d  nil
p  nil
q  nil
dmp1   nil
dmq1   nil
iqmp   nil
ex_data (nil, -1163005939 {$BAADF00D})
references  1
flags  6
_method_mod_n   nil
_method_mod_p   nil
_method_mod_q   nil
bignum_data nil {#0}
blindingnil
mt_blinding nil

I checked the n and e bignums, and they are CORRECT, and everything else looks 
ok. The error happens when calling function ssl_read. I can't see what i am 
doing wrong, please help :)
Thanks

Andrejs

Re: Using certificate and private key from Windows cert store with OpenSSL

2011-10-28 Thread Jakob Bohm


Simple, really:

You have not set the private part of the private key (d, p, q, dmp1, 
dmq1, iqmp).


You need to export the private key from CryptoAPI too, and convert that 
blob,

not the public key blob.

Alternatively, I have heard rumors of a CryptoAPI engine plug in for 
OpenSSL
which will let OpenSSL directly use the keys and certificates stored by 
Windows.



On 10/28/2011 9:48 AM, Andrejs Štrumfs wrote:

Hi!

I am trying to make a program, that uses some Web Services in Delphi XE. To 
connect to the Web Services, i have to use self signed (hope this is correct 
term) certificate, which is stored in Windows cert store. So, i open the cert 
store with CertOpenSystemStore, get cert with CertFindCertificateInStore and 
set it with SSL_CTX_use_certificate. No problem with this. Then i get the 
public key blob with CryptExportKey and make up a private key like this:

function PrivKeyBlob2RSA(const AKeyBlob: PByte; const ALength: Integer; const 
ASSLCtx: PSSL_CTX): IdSSLOpenSSLHeaders.PEVP_PKEY;
var
   modulus: PByte;
   bh: PBLOBHEADER;
   rp: PRSAPUBKEY;
   rsa_modlen: DWORD;
   rsa_modulus: PAnsiChar;
   rkey: PRSA;
begin
   bh := PBLOBHEADER(AKeyBlob);
   Assert(bh^.bType = PUBLICKEYBLOB);
   rp := PRSAPUBKEY(AKeyBlob + 8);
   Assert(rp.magic = $31415352);
   rsa_modulus := PAnsiChar(Integer(Pointer(rp))+12);
   rkey := RSA_new_method(ASSLCtx.client_cert_engine);
   rkey^.References := 1;
   rkey^.e := BN_new;
   rkey^.n := BN_new;
   BN_set_word(rkey^.e, rp^.pubexp);
   rsa_modlen := (rp^.bitlen div 8) + 1;
   modulus := AllocMem(rsa_modlen);
   CopyMemory(modulus, rsa_modulus, rsa_modlen);
   RevBuffer(modulus, rsa_modlen);
   BN_bin2bn(modulus, rsa_modlen, rkey^.n);
   Result := EVP_PKEY_new;
   EVP_PKEY_assign_RSA(Result, PAnsiChar(rkey));
end;

and set it up with SSL_CTX_use_PrivateKey and SSL_CTX_check_private_key. Also, 
no problem so far. But then, when data transfer begins, i get access violation 
in libeay32.dll - Access violation at address 09881C5F in module 
'libeay32.dll'. Read of address . If i load the key from .pem file, 
everything is fine.

The libeay32.dll version is 1.0.0.5. Tried with version 0.9.something too - got 
the same error, just different address.

Below is the RSA structure i get in PrivKeyBlob2RSA:

pad0
version  0
meth   $898030C
engine nil
n  $A62D508
e  $A62D4D8
d  nil
p  nil
q  nil
dmp1   nil
dmq1   nil
iqmp   nil
ex_data (nil, -1163005939 {$BAADF00D})
references  1
flags  6
_method_mod_n   nil
_method_mod_p   nil
_method_mod_q   nil
bignum_data nil {#0}
blindingnil
mt_blinding nil

I checked the n and e bignums, and they are CORRECT, and everything else looks 
ok. The error happens when calling function ssl_read. I can't see what i am 
doing wrong, please help :)
Thanks

Andrejs



__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

RE: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

RE: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

RE: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

RE: Using certificate and private key from Windows cert store with OpenSSL

Using certificate and private key from Windows cert store with OpenSSL

Re: Using certificate and private key from Windows cert store with OpenSSL

16 matches

Site Navigation

Mail list logo

Footer information