Hello,
I use the MS capi engine to access windows store certificates and keys
from openSSL.
(And please, please: no windows/Linux discussion here).
While working with capi engine, I found some things I would like to discuss
here.
Please forgive me that I have more than one item to discuss:
On Sat, May 30, 2009, Guenter wrote:
Hi,
Ger Hobbelt schrieb:
It's advised to register this at the OpenSSL issue tracker by
forwarding this to r...@openssl.org
It's no guarantee to get serviced pronto, but at least it'll get the
attention of the core devs when they have time.
(The
Various Linux distros contain a man page for c_rehash(3ssl), but the page is
not present in the official tarballs. Please incorporate this or similar
content into the actual distribution.
Linux man page:
http://www.digipedia.pl/man/c_rehash.1ssl.html
Dear all,
please find attached a patch which adds support for ECDHE and PSK
support for DTLS as requested by Stephen.
The diff is against openssl-1.0.0-beta2.
Stephen: Please let me know if you have any issues with the patch.
Best regards
Michael
dtls.patch
Description: Binary data
On
[tue...@fh-muenster.de - Sun May 31 16:11:06 2009]:
Dear all,
please find attached a patch which adds support for ECDHE and PSK
support for DTLS as requested by Stephen.
The diff is against openssl-1.0.0-beta2.
In future please make diffs against the relevant branch as opposed to
the
Moving to openssl-dev now that I think I've found the answers...
On Sun, 2009-05-31 at 10:13 +0100, David Woodhouse wrote:
I found another strange behaviour that I didn't expect -- the _order_ of
the certificates in the cafile seems to be important. My original
scripts which interact with the
It's possible for multiple certificates to have the same subject name,
and if that happens then ssl3_output_cert_chain() may select the wrong
one because it just picks a certificate by name and doesn't actually
_check_ if it really is the right one.
There's a function which gets this right;
On May 31, 2009, at 7:27 PM, Stephen Henson via RT wrote:
[tue...@fh-muenster.de - Sun May 31 16:11:06 2009]:
Dear all,
please find attached a patch which adds support for ECDHE and PSK
support for DTLS as requested by Stephen.
The diff is against openssl-1.0.0-beta2.
In future please