not completely averse to
using Linux. That said, I have no idea how to properly set up a Linux build
computer for NSS on Windows.
Can anyone help me figure out what I am doing wrong? If this is not the proper
place to seek such help, can someone point me in the right direction? Thanks!
--
dev-tech
efile:128: recipe for target 'build_nspr' failed
make: *** [build_nspr] Error 2
I don't really know how to stand up a build environment, so this doesn't really
surprise me.
Can anyone help me understand how to solve this problem building NSS for
Windows? If this is not the
fail to do it, or rather have not been able
to do.
I want to know is that it's possible that you bring us your help, because
we are working on a university project which will be completed in three
weeks and we're really stuck on the project.
Thank you in advance and I hope to have a response from
(this is set by users)
- Calculation of duration of keys' usage.
I tried to use these functions, but it causes my extension to crash
without any notice.
Appreciate if someone can help me on this issue. Thank you.
Regards,
Brian Teh, Singapore
The S/MIME code uses these functions in the 'static
of duration of keys' usage.
I tried to use these functions, but it causes my extension to crash
without any notice.
Appreciate if someone can help me on this issue. Thank you.
Regards,
Brian Teh, Singapore
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org
why ?
i change type of variable in order to have more flexibility of the
program, these changes work fine for aes_cbc and aes_ecb but for
aes_cbc_pad not
please help
regards all
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
hello all
does anyone can help me starting coding in c the nss library ?
i had to encrypt and decrypt data
can you tell me the list of function i had to call to do that and tell
me the order
i suppose that there is a initialization of context, generate key, set
mode, set algo, call function
On Jun 23, 8:13 pm, Robert Relyea rrel...@redhat.com wrote:
On 06/23/2011 02:14 AM, florent ainardi wrote:
and the same thing for a file
but i don't how to start
i use polarssl library and the api doc is very simple
please help using the NSS library from mozilla
regards all
hello bob
with the key is 90% of the complexity of an encryption program.
The rest is pretty straight forward.
bob
4- save the cipher data into a file
5-end
and the same thing for a file
but i don't how to start
i use polarssl library and the api doc is very simple
please help using the NSS
On 06/23/2011 02:14 AM, florent ainardi wrote:
and the same thing for a file
but i don't how to start
i use polarssl library and the api doc is very simple
please help using the NSS library from mozilla
regards all
hello bob
thanks for replying
but i had to implement in a simple program
thing for a file
but i don't how to start
i use polarssl library and the api doc is very simple
please help using the NSS library from mozilla
regards all
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
thing for a file
but i don't how to start
i use polarssl library and the api doc is very simple
please help using the NSS library from mozilla
regards all
--
View this message in context:
http://old.nabble.com/help-me-use-aes-with-NSS-tp31894850p31894850.html
Sent from the Mozilla - Cryptography
:
http://old.nabble.com/using-browser-keydtore-from-applet---help-tp30573381p30573381.html
Sent from the Mozilla - Cryptography mailing list archive at Nabble.com.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On 2010/09/07 17:08 PDT, tedx wrote:
I've hacked up something to try but I've now encountered a
compilation error that I don't understand. Has anyone else seen this?
nss_signing.c: In function ‘spl_nssVerifySignature’:
nss_signing.c:172: error: storage size of ‘vfy_context’ isn’t known
.
How do I determine which algorithms the public key I'm supports? How
do I tell VFY about these multiple algorithms? Thanks
again for your help.
Ted
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
that some public keys support multiple signature algorithms.
How do I determine which algorithms the public key I'm supports? How
do I tell VFY about these multiple algorithms? Thanks
again for your help.
Ted
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https
On 2010-09-06 08:17 PDT, Xavier Toth wrote:
I'm trying to verify the signature of a file I've signed but I don't
understand where to get the sigAlgorithm and hash to pass to
VFY_CreateContextWithAlgorithmID.
I presume you've read the description of these parameters in
On Sep 7, 1:34 pm, Nelson B Bolyard nel...@bolyard.me wrote:
On 2010-09-06 08:17 PDT, Xavier Toth wrote:
I'm trying to verify the signature of a file I've signed but I don't
understand where to get the sigAlgorithm and hash to pass to
VFY_CreateContextWithAlgorithmID.
I presume you've
I'm trying to verify the signature of a file I've signed but I don't
understand where to get the sigAlgorithm and hash to pass to
VFY_CreateContextWithAlgorithmID. I've googled looking for some sample
code using the VFY_ apis to verify signatures but I haven't found
anything that I could build off
On Tue, Jul 27, 2010 at 10:09 AM, Pat lync...@gmail.com wrote:
Hello,
Can anyone explain what is going wrong with the following scenario?
Using NSPR 4.8, NSS 3.12.6, JSS 4.3.1 with JDK 1.6_21 on Windows XP
Professional SP 3. FIPS mode is enabled.
I'm trying to open an LDAP connection to
Hello,
Can anyone explain what is going wrong with the following scenario?
Using NSPR 4.8, NSS 3.12.6, JSS 4.3.1 with JDK 1.6_21 on Windows XP
Professional SP 3. FIPS mode is enabled.
I'm trying to open an LDAP connection to an LDAP server (Apache
Directory Server) running locally on the same
On 2010-04-14 19:18 PST, 虎 季 wrote:
I am an engineer working in mozilla China, I'm going to provide a
solution for Chinese banks which support IE only in China now.
Welcome, 虎 季. Perhaps you can give us westerners some guidance on how to
pronounce or transliterate your name in western
I am an engineer working in mozilla China, I'm going to provide a
solution for Chinese banks which support IE only in China now.
The problem I met is that:
There are many vendors who supply smart-cards for banks, they have
implemented the pkcs#11 modules(maybe implemented most parts of
.
NSS builds 2 types of tools as part of the build process: 1) tools to
help in the build, and 2) target tools. The latter is basically
nsinstall, built by coreconf. Those tools build with the compiler
specified by NATIVE_CC and with the flags specified with NATIVE_FLAGS
[WINCE avoids
George,
Another source of info on cross-compiling NSS is Mozilla's makefile
responsible for compiling NSS:
http://mxr.mozilla.org/mozilla-central/source/security/manager/Makefile.in
Search for CROSS_COMPILE in that makefile.
Note that this approach is different from the preferred approach
that
: function failed: security library: bad database.
I know I should be using a -h option after cert.p12 but im not sure what
'token name' I'm meant to add as the parameter. Also are passwords etc meant
to be written in quotes or not?
Any help would be greatly appreciated!
EDIT:
if I add -d
On 01/12/2010 04:07 AM, trashpants wrote:
im quite literally using the following line to try and import the file
pkcs12.exe -i cert.p12 -v -W Pass
but I get an error:
certutil.exe: function failed: security library: bad database.
You need to specify -d {firefox profile directory}
The
nvm
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
and OS_TARGET_RELEASE environment variables to your target OS. This will
override the what coreconf will automatically pick up.
NSS builds 2 types of tools as part of the build process: 1) tools to
help in the build, and 2) target tools. The latter is basically
nsinstall, built by coreconf. Those tools
thank you for the answer. I think I'll content myself with the WinNT
flavor of NSPR because building the Win95 flavor seems to be a little
bit complicated :)
best regards
Amine
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Thank you very much glen for the help, Now, IT WORKS !
Now I really do the difference between a debug build and a release
build.
Actually, I'v placed the nspr-4.6.4 libraries in c:\jss. So, I've only
replaced the debug libraries of nspr-4.6.4 by the release ones and
everything works properly.
I
this will bring you the sufficient informations to help me to
bypass this problem.
Once again, thank you.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On 2009-09-03 02:23 PDT, Amine wrote:
Well, I'll try to be very precise this time.
I am writing a little Java program that uses an NSS Internal PKCS#11
Module for signing. Am using Win XP, service pack 3 and, for now, no
Visual C++ is installed.
So am using the JSS 4.2 that uses NSPR
On 9/3/09 4:24 PM, Glen Beasley wrote:
On 9/3/09 11:23 AM, Nelson B Bolyard wrote:
On 2009-09-03 02:23 PDT, Amine wrote:
Well, I'll try to be very precise this time.
I am writing a little Java program that uses an NSS Internal PKCS#11
Module for signing. Am using Win XP, service pack 3
with BUILD_OPT=1 and i've got
the same library exposed on the Mozilla links . How can I override
this
problem ? I think that Mozilla is giving the debug build of the jss
shared library instead of the release build.
Thank you in advance for your help.
Amine
--
dev-tech-crypto mailing list
dev-tech
shared library instead of the release build.
Thank you in advance for your help.
Amine
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Eddy Nigg wrote:
On 02/25/2009 08:31 PM, Gervase Markham:
On 23/02/09 23:54, Eddy Nigg wrote:
[...]
Only CAs are relevant if at all. You don't expect that 200 domain names
were registered by going through anti-spoofing checking and measures, do
you?!
[...]
Outsh, sorry! That should have
Paul Hoffman wrote:
At 7:09 AM +0100 2/24/09, Kaspar Brand wrote:
Kyle Hamilton wrote:
Removal of support for wildcards can't be done without PKIX action, if
one wants to claim conformance to RFC 3280/5280.
Huh? Both these RFCs completely step out of the way when it comes to
wildcard
On 26/02/09 11:05, Jean-Marc Desperrier wrote:
Eddy Nigg wrote:
On 02/25/2009 08:31 PM, Gervase Markham:
On 23/02/09 23:54, Eddy Nigg wrote:
[...]
Only CAs are relevant if at all. You don't expect that 200 domain names
were registered by going through anti-spoofing checking and
measures, do
looking at the lock doesn't help in a spoofing
attack if the attacker has a wildcard certificate. In this way, it is an attack
improvement.
This is not to say that wildcard certificates are not bad, evil, anything, but
that nothing new has been truly brought about that by this attack.
So talk
On 23/02/09 23:54, Eddy Nigg wrote:
How to prove? Does Mozilla buy domain names (or purchase certificates)
from time to time in order to govern its policies?
We rely on good citizens like you to let us know when there's a problem
:-) We don't regularly attempt to break the security of CA cert
On 02/25/2009 08:31 PM, Gervase Markham:
On 23/02/09 23:54, Eddy Nigg wrote:
How to prove? Does Mozilla buy domain names (or purchase certificates)
from time to time in order to govern its policies?
We rely on good citizens like you to let us know when there's a problem
:-) We don't regularly
On 24/2/09 02:11, Eddy Nigg wrote:
On 02/24/2009 02:35 AM, Ian G:
The point that is made is that the positive response is so weak that
it doesn't support the overall effect; the attacker just prefers to
trick the user using HTTP and some favicons or other simple symbols. And
(so the author
On 02/24/2009 01:47 PM, Ian G:
Right. This can also be seen as evidence that secure browsing has not
protected the users, because it was so easily bypassed.
Orthe price to stage an attack using SSL is still considered too
high. It's rather a point for SSL than against IMO.
If the
At 7:09 AM +0100 2/24/09, Kaspar Brand wrote:
Kyle Hamilton wrote:
Removal of support for wildcards can't be done without PKIX action, if
one wants to claim conformance to RFC 3280/5280.
Huh? Both these RFCs completely step out of the way when it comes to
wildcard certificates - just read the
Nelson B Bolyard wrote:
Benjamin Smedberg wrote, On 2009-02-20 10:28:
[...] CA guidelines
Which (whose) guidelines? Are you referring to RFC 5280 section 7, or
to some other guidelines?
Mozilla's CA cert policy doesn't even mention this subject.
say that certificates should not be issued
Paul Hoffman wrote:
TLD registries ask which language a name is in; some then do some
filtering based on what characters they think are used by particular
languages. This is far from a science and fails miserably for most
European languages.
If it fails, then report it to secur...@mozilla.org
On 02/23/2009 02:01 PM, Jean-Marc Desperrier:
When issuing a SSL server cert there is no need for a special checking
at the CA level, because nobody will first be able to obtain a dangerous
domain name within that TLD.
Like the IANA requirement to state correct information in the WHOIS
On 23/2/09 13:41, Eddy Nigg wrote:
On 02/23/2009 02:01 PM, Jean-Marc Desperrier:
When issuing a SSL server cert there is no need for a special checking
at the CA level, because nobody will first be able to obtain a dangerous
domain name within that TLD.
Like the IANA requirement to state
At 1:14 PM +0100 2/23/09, Jean-Marc Desperrier wrote:
Paul Hoffman wrote:
TLD registries ask which language a name is in; some then do some
filtering based on what characters they think are used by particular
languages. This is far from a science and fails miserably for most
European languages.
At 2:19 AM +0200 2/23/09, Eddy Nigg wrote:
You don't like that I mention particular CAs, but the one I'm affiliated with
does to some extend. ;-)
I do not like you mentioning particular CAs to advertise (yourself) or attack
(your competitor); asking for a list of CAs that implement policies
Jean-Marc Desperrier wrote, On 2009-02-23 04:01:
Nelson and everyone else not knowing the details of this :
The problem is solved not at the CA level, but at the registry/TLD level.
I think you mean that IF it were solved, the solution would be at ...
But I think it is evident that it is NOT
On 02/23/2009 04:57 PM, Ian G:
* IDNs present more danger than wildcards,
* wildcards present more danger than IDNs,
* they are approximately the same level of danger,
and trying to separate them out is not efficacious
at this level of discussion?
Anything which can be misused in such a way
On 23/02/09 17:58, Paul Hoffman wrote:
Jean-Marc, you have fallen for Gerv's wishful thinking and security
theater. There are multiple TLDs on that list that have policies that
say *nothing* about preventing homograph spoofing.
Every TLD on that list should have a published set of characters
On 19/02/09 17:36, Ian G wrote:
1. He has clearly laid out the trap of negative versus positive
feedback, and explained why Firefox 3 UI changes make the result less
secure than Ff2.
You'll need to elaborate on what you are saying here, because the way I
read it, he _hates_ the new FF3
On 02/24/2009 01:18 AM, Gervase Markham:
The rationale section of this document explains very well why our
policy and technical implementation is as it is:
http://www.mozilla.org/projects/security/tld-idn-policy-list.html
OK, reading the IDN policy I understand that registrars uses human,
On 02/24/2009 01:23 AM, Gervase Markham:
All the registries added to the list had this when they were added. As I
said in my previous message, if you know of a registry which no longer
meets these criteria, please let me know.
How to prove? Does Mozilla buy domain names (or purchase
Eddy:
It's important to realize something rather important... security must
be designed into the system from the ground up, and all pieces of a
secure system must operate together properly. It's not *just* the CA,
it's everything.
Since we don't have a secure system, we need to find a way to
On 02/24/2009 02:01 AM, Kyle Hamilton:
It's important to realize something rather important... security must
be designed into the system from the ground up, and all pieces of a
secure system must operate together properly. It's not *just* the CA,
it's everything.
Ideally yes, your are
On Mon, Feb 23, 2009 at 4:10 PM, Eddy Nigg eddy_n...@startcom.org wrote:
On 02/24/2009 02:01 AM, Kyle Hamilton:
It's important to realize something rather important... security must
be designed into the system from the ground up, and all pieces of a
secure system must operate together
On 24/2/09 00:20, Gervase Markham wrote:
On 19/02/09 17:36, Ian G wrote:
1. He has clearly laid out the trap of negative versus positive
feedback, and explained why Firefox 3 UI changes make the result less
secure than Ff2.
You'll need to elaborate on what you are saying here, because the way
To amplify the response to Gerv's question on positive / negative
imbalance in responses in FF3, here's a forward from another list.
On 21/2/09 15:34, Peter Gutmann wrote:
Steven M. Bellovins...@cs.columbia.edu writes:
http://www.theregister.co.uk/2009/02/19/ssl_busting_demo/ -- we've
On 02/24/2009 02:35 AM, Ian G:
The point that is made is that the positive response is so weak that
it doesn't support the overall effect; the attacker just prefers to
trick the user using HTTP and some favicons or other simple symbols. And
(so the author claims) gets away with it easily enough,
Kyle Hamilton wrote:
Removal of support for wildcards can't be done without PKIX action, if
one wants to claim conformance to RFC 3280/5280.
Huh? Both these RFCs completely step out of the way when it comes to
wildcard certificates - just read the last paragraph of section
4.2.1.7/4.2.1.6. PKIX
RFC 2818 (HTTP Over TLS), section 3.1.
-Kyle H
On Mon, Feb 23, 2009 at 10:09 PM, Kaspar Brand m...@velox.ch wrote:
Kyle Hamilton wrote:
Removal of support for wildcards can't be done without PKIX action, if
one wants to claim conformance to RFC 3280/5280.
Huh? Both these RFCs completely
Kyle Hamilton wrote:
RFC 2818 (HTTP Over TLS), section 3.1.
Definitely not a PKIX RFC. Removal of support for wildcards doesn't
need any PKIX action.
Kaspar
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On Sat, Feb 21, 2009 at 1:19 PM, Paul Hoffman phoff...@proper.com wrote:
I don't see how the attack could have been done without wildcards. CA
guidelines say that certificates should not be issued with homographic
characters that might cause confusion
They do? Where?
I believe that Unicode
Paul Hoffman wrote:
UTR #36 is not a CA guideline, it is a guideline that some CAs might
read and implement. I know of none that have.
I think part of what's going on here is a confusion between CAs and
domain name registrars. IIRC there was indeed some sort of agreement
among domain name
On 02/21/2009 11:19 PM, Paul Hoffman:
I don't see how the attack could have been done without wildcards. CA
guidelines say that certificates should not be issued with homographic
characters that might cause confusion
They do? Where?
Some CA policies do. I can't recall right now, but EV might
On 20/2/09 20:07, Nelson B Bolyard wrote:
Benjamin Smedberg wrote, On 2009-02-20 10:28:
Homomorphic characters aren't a problem for wildcard matching. They're a
problem for users' eyeballs. The attack that was demonstrated could have
been done without wildcards. Changing the wildcard
At 1:28 PM -0500 2/20/09, Benjamin Smedberg wrote:
On 2/20/09 12:11 PM, Nelson B Bolyard wrote:
Benjamin Smedberg wrote, On 2009-02-19 07:39:
It sounds to me that we could and should fix this bug simply by disabling
punycode for the wildcard portion.
I'm not sure what you're proposing here,
On Sat, Feb 21, 2009 at 1:19 PM, Paul Hoffman phoff...@proper.com wrote:
I don't see how the attack could have been done without wildcards. CA
guidelines say that certificates should not be issued with homographic
characters that might cause confusion
They do? Where?
I believe that Unicode
Eddy Nigg wrote:
On 02/19/2009 03:30 PM, Jean-Marc Desperrier:
Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
attack using a *.ijjk.cn certificate.
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
.cn is
Benjamin Smedberg wrote, On 2009-02-19 07:39:
It sounds to me that we could and should fix this bug simply by disabling
punycode for the wildcard portion.
I'm not sure what you're proposing here, Ben, or what effect you think
it would have.
Homomorphic characters aren't a problem for wildcard
On 02/20/2009 08:28 PM, Benjamin Smedberg:
I don't see how the attack could have been done without wildcards. CA
guidelines say that certificates should not be issued with homographic
characters that might cause confusion, and as far as we know these
guidelines are being followed. The attack
Benjamin Smedberg wrote, On 2009-02-20 10:28:
On 2/20/09 12:11 PM, Nelson B Bolyard wrote:
Benjamin Smedberg wrote, On 2009-02-19 07:39:
It sounds to me that we could and should fix this bug simply by disabling
punycode for the wildcard portion.
I'm not sure what you're proposing here, Ben,
Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
attack using a *.ijjk.cn certificate.
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
.cn is authorized for i18n, and the * will match anything, allowing all
the
On 02/19/2009 03:30 PM, Jean-Marc Desperrier:
Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
attack using a *.ijjk.cn certificate.
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
.cn is authorized for i18n, and
On 2/19/09 9:37 AM, Eddy Nigg wrote:
On 02/19/2009 03:30 PM, Jean-Marc Desperrier:
Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
attack using a *.ijjk.cn certificate.
On 19/2/09 14:30, Jean-Marc Desperrier wrote:
Moxie Marlinspike in Black Hat has just demonstrated a very serious i18n
attack using a *.ijjk.cn certificate.
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
PS : Some of his other remarks
On 19/2/09 16:39, Benjamin Smedberg wrote:
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
Other than this specific attack, what are the concerns about wildcards that
would make us take such a drastic action?
It sounds to me that we
On 02/19/2009 05:39 PM, Benjamin Smedberg:
Other than this specific attack, what are the concerns about wildcards that
would make us take such a drastic action?
It sounds to me that we could and should fix this bug simply by disabling
punycode for the wildcard portion.
Because punycode isn't
On 02/19/2009 07:36 PM, Ian G:
1. He has clearly laid out the trap of negative versus positive
feedback, and explained why Firefox 3 UI changes make the result less
secure than Ff2.
I don't think this is what he is saying exactly, but rather that for
HTTP the world looks always fine...
Hello,
From the mozilla tree,
http://mxr.mozilla.org/mozilla/source/security/nss/lib/pk11wrap/pk11pub.h#109
I want to call the PK11 functions for encrypt, decrypt, sign, verify,
etc.. from my Firefox extension that is written in javascript.
Eg:
SECKEYPrivateKey
I'll repeat my answer to your question in the opensc list. We should
probably keep followups in this list since there is more NSS/mozilla
expertise here (which is really where your questionis coming from)...
Akkshayaa Venkatram wrote:
Hello,
From the mozilla tree,
Akkshayaa Venkatram wrote:
From the mozilla tree,
http://mxr.mozilla.org/mozilla/source/security/nss/lib/pk11wrap/pk11pub.h#109
I want to call the PK11 functions for encrypt, decrypt, sign, verify,
etc.. from my Firefox extension that is written in javascript.
Robert Relyea wrote, On
Akkshayaa Venkatram wrote:
Hi
I am developing a Firefox extension that calls PKCS 11 functions like
C_Encrypt, C_Sign, C_Decrypt and others..
We don't expose the direct C_ calls in NSS. NSS typically has the token
open during the entire time, so applications making calls and changing
states
Hi
I am developing a Firefox extension that calls PKCS 11 functions like
C_Encrypt, C_Sign, C_Decrypt and others..
I am not sure how to call these functions from the javascript file. I
have an idea that i must wrap these C functions in XPCOM-IDL. But not
sure of how to do it..and what
Nelson B Bolyard wrote:
Pardon my ignorance, but, what is CentOS ?
CentOS is the name of a Linux distribution.
Kai
smime.p7s
Description: S/MIME Cryptographic Signature
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
list
Subject: Re: Help Signature Verification Error: !
Nelson B Bolyard wrote:
Pardon my ignorance, but, what is CentOS ?
CentOS is the name of a Linux distribution.
smime.p7s
Description: S/MIME cryptographic signature
___
dev-tech-crypto mailing
On Oct 2, 3:53 pm, Matthews, Tim R [EMAIL PROTECTED]
wrote:
Hi All. I hope this is an acceptable question for this list; I've
searched google and the archives and not found an answer.
We use Remedy ARS (helpdesk ticketing system) and are migrating to
Microsoft ADAM (LDAP) using TLS for
in context:
http://www.nabble.com/Help-Signature-Verification-Error%3A-%21-tp20264052p20343219.html
Sent from the Mozilla - Cryptography mailing list archive at Nabble.com.
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https
[EMAIL PROTECTED] wrote, On 2008-11-05 07:26:
On Oct 2, 3:53 pm, Matthews, Tim R [EMAIL PROTECTED] wrote:
Hi All. I hope this is an acceptable question for this list; I've
searched google and the archives and not found an answer.
We use Remedy ARS (helpdesk ticketing system) and are migrating
leszek wrote, On 2008-11-05 07:49:
What software displayed that error message?
I have the same error ... in the FireFox javascript: console.
If you use signtool to verify the signature on your jar file,
what does it report?
signtool -v my.jar
Similarly, what does
signtool -w my.jar
Balaji Kamal Kannadassan wrote, On 2008-10-31 04:24 PDT:
We have a valid certificate and I signed my jar file with the jarsigner
when I open it using jar:!/prefstryjs.html I am getting below error. I
ran out of options, please any help on the same would be great.
Error
), then that
server cert should validate. Set up a cert db with that CA cert
present and trusted as I suggested, and try Remedy with that cert DB.
It might work.
Thanks once again for all your help with this. I'd been going slowly mad!
___
dev-tech-crypto
trust hierarchies and is expecting individual SSL server certs.
Have I missed something or is this looking like a Remedy SSL bug?
Thanks once again for all your help with this. I'd been going slowly mad!
Cheers,
Tim
___
dev-tech-crypto mailing list
dev
posted the cry for help at the end of a 15 hour work day :)
I read it through twice thinking I'd included everything I needed but missed
the architecture - doh!
Remedy is the client and the load balanced Adams are the servers. The client
cert is indeed for the adam server and references it by name
Matthews, Tim R wrote, On 2008-10-04 03:34:
Remedy is the client and the load balanced Adams are the servers. The
client cert is indeed for the adam server and references it by name.
Thanks for confirming what I suspected. I'll write more about it below.
In test I'm doing this with 1 client
Matthews, Tim R wrote, On 2008-10-02 13:53:
Hi All. I hope this is an acceptable question for this list;
You bet. Welcome.
I’ve searched google and the archives and not found an answer.
We use Remedy ARS (helpdesk ticketing system) and are migrating to
Microsoft ADAM (LDAP) using TLS for
1 - 100 of 142 matches
Mail list logo