Hi Linda,
OpenSSL compiles perfectly with/on the target mingw64 - there is however
a minor issue (and fix) that isn't (yet) committed in the official repo.
See RT #3454 on http://rt.openssl.org/Ticket/Display.html?id=3454 for
an issue when compiling with the enable-ec_nistp_64_gcc_128 flag
Hello All,
I have a set up which runs Apache http-2.4.10 and Openssl-1.0.1i, when I
try to start the http server with FIPS mode i get the following error.
[Mon Aug 11 14:39:24.407781 2014] [suexec:notice] [pid 380] AH01232:
suEXEC mechanism enabled (wrapper: /apps/apache/2.4.10/bin/suexec)
I fixed the last few stragglers that hadn't already been fixed. Thanks.
Commit: d4a4370050f7d72239b92a60ab9d4a2dd5e9fd84
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project
Fixed in the next version AFTER 1.0.2
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
SCEP is useful, but it's been 12 years so let's be realistic: nobody's going to
do it.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development
Sorry for lack of response. Very old release, can't reproduce now.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Release too old to try and reproduce.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
GOST is supported.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List
Not a bug.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager
We don't use O_NOFOLLOW any more.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Apache issue, closing down connection in signal handler.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Not clear what the issue is; closing as not repeatable with current releases.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Author: Viktor Szakats harbour...@syenar.hu
Date: Fri Aug 8 23:15:59 2014 -0400
RT 1988: Add const to SSL_use_RSAPrivateKey_ASN1
The unsigned char *d should be const.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL
This will be done in the next release after 1.0.2 Thanks for the patch!
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
The fix discussed in this thread appears to be incomplete:
http://marc.info/?l=openssl-usersm=140752401023837w=2
This fix works for SRP cipher suites that uses RSA for DSA, which
includes 6 of the 9 supported SRP cipher suites. But the three SRP
cipher suites that don't rely on a server-side
Your using a SHA-1 signed certificate, the current FIPS standard
mandates a SHA-256 (SHA-2) signed certificate with a bit size = 2048.
---
Kurt Cancemi
https://www.x64Architecture.com
On Mon, Aug 11, 2014 at 5:24 AM, Abdul Anshad ab...@visolve.com wrote:
Hello All,
I have a set up which runs
Look at the ca -status flag.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
On Mon, Aug 11, 2014 at 11:09:51PM +0200, John Foley via RT wrote:
The fix discussed in this thread appears to be incomplete:
http://marc.info/?l=openssl-usersm=140752401023837w=2
This fix works for SRP cipher suites that uses RSA for DSA, which
includes 6 of the 9 supported SRP cipher
The commit into 1.0.1 didn't include the changes to s3_lib.c. SRP is still
broken on this branch. Are there any plans to fix this?
On Aug 11, 2014, at 6:41 PM, Kurt Roeckx via RT r...@openssl.org wrote:
On Mon, Aug 11, 2014 at 11:09:51PM +0200, John Foley via RT wrote:
The fix discussed
works in current release,
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Fixed in the new release after 1.0.2; the text says, consistently any
supported digest
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development
Could you please provide me the steps for creating a self signed
certificate meeting the current FIPS standard ?
Thank you for the response.
Regards,
Abdul
On 12-Aug-14 3:02 AM, Kurt Cancemi wrote:
Your using a SHA-1 signed certificate, the current FIPS standard
mandates a SHA-256 (SHA-2)
22 matches
Mail list logo
