Re: [openssl.org #1282] error setting AuthorityKeyIdentifier

On Fri, Feb 10, 2006, Kyle Hamilton wrote: > I haven't checked the archives, but if I'm not mistaken, it's because > it's (presumably) the rootCA that is the original trusted authority > (the 'trust anchor'), and thus the authorityKeyIdentifier is the > anchor rather than the CA that derives its t

Re: [openssl.org #1282] error setting AuthorityKeyIdentifier

I haven't checked the archives, but if I'm not mistaken, it's because it's (presumably) the rootCA that is the original trusted authority (the 'trust anchor'), and thus the authorityKeyIdentifier is the anchor rather than the CA that derives its trust from the anchor? (Also: if the question has be

Re: [openssl.org #1282] error setting AuthorityKeyIdentifier

On Fri, Feb 10, 2006, Tim Bond via RT wrote: > > I am doing some interop testing with a toolkit that performs PKIX > certificate verification and it is having a problem validating a chain I > built with OpenSSL. What appears to be happening is that when 'ca' copies > in the authority key informa

[openssl.org #1282] error setting AuthorityKeyIdentifier

Hello, I am doing some interop testing with a toolkit that performs PKIX certificate verification and it is having a problem validating a chain I built with OpenSSL. What appears to be happening is that when 'ca' copies in the authority key information into the client certificate, it is pulling

[openssl.org #1281] 'make report' output

OpenSSL self-test report: OpenSSL version: 0.9.8a Last change: Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDI... Options: --prefix=/usr/local no-asm no-gmp no-krb5 no-mdc2 no- rc5 no-shared no-zlib no-zlib-dynamic OS (uname): SunOS caliban 5.9 Generic_118558-21 sun4

[openssl.org #1281] Solaris9: 'make test' failure in evp_test

attached you can find the 'make report' output from one of my Solaris9 maschines. I used the SunStudio11 compiler on Solaris9 (SUN Fire V890) Is there any fix available for this problem ? thanks in advance ! regards, Steffen -- Steffen Unger <[EMAIL PROTECTED]> __

Re: FIPS mode confusion, and resolution

On Fri, Feb 10, 2006, Kyle Hamilton wrote: > (the 'non-security-policy-compliant' part comes from the extra > parameter to ./config -- I can't touch the OpenSSL build that's > already in the system directories, and the security policy states that > no other parameters can be passed to ./config. [

FIPS mode confusion, and resolution

I have a slightly non-standard (and non-security-policy-compliant) FIPS mode setup, generated with: cvs -d/home/kyle/openssl/repository co -rOpenSSL_FIPS_1_0 \ -d /home/kyle/openssl/work openssl ./config fips --prefix=/home/kyle make make test make install (the 'non-security-policy-compliant' part