Hi all,
I am programmatically generating the self signed certificate and need to
specify the Not Before and Not After date,
Wanted to understand what all formats are acceptable by this API ?
Also, similarly while using API , what exactly is the time format
expected by
the private key with which certificate was signed, or
the public key which this certificate signs.
Sorry, I think I am still bit not clear on purpose of the API.
Thanks Regards,
Nayna Jain
From: Viktor Dukhovni openssl-us...@dukhovni.org
To: openssl-us...@openssl.org, openssl-dev@openssl.org
Thanks Victor,
I want to match the certificate with the private key for whose public key
that certificate is provided.
If this verifies who signed the certificate, then how do I verify whether
the certificate provided is for the private key which was generated,
Thanks Regards,
Nayna Jain
Hi,
I am trying to verify X509 certificate against two private keys such that
atleast one of them it should match.
I used the API as
X509_verify(x509, pkey) where pkey is of EVP_PKEY type
However, for one of the private key it is failing with error block type is
not 01// And this key is
Hi,
Thanks Victor, I am going to try these..
I have similar concern for private key.
If I have a pem file with private key in that, how do I check if that is
RSA/DSA ?
Thanks Regards,
Nayna Jain
From: Viktor Dukhovni openssl-us...@dukhovni.org
To: openssl-us...@openssl.org, openssl
Hi all,
I am using X509_STORE and X509_LOOKUP to verify the certificate and its
chain.
But at the end when I do X509_STORE_free(store) and X509_LOOKUP_free
(lookup), it is also doing free of the X509* certificate which I added.
But I don't want that, because after that when I immediately try
PEM APIs. or there are DER specific APIs also, I
didn't find though, unless they are d2i_xxx types.
Thanks Regards,
Nayna Jain
From: Viktor Dukhovni openssl-us...@dukhovni.org
To: openssl-us...@openssl.org
Date: 06/09/2015 10:34 AM
Subject:Re: [openssl-users] Is there openssl
Hi,
I need to verify if the certifiate I have received is having its content in
PEM/DER format.
Is there any API which if given file pointer like (fp) will tell me whether
it has valid format of certificate and if yes then whether it is PEM/DER
format ?
If no API, then what is the other way to
Hi,
With the latest logjam attack, as I was trying to verify if my server
(lighttpd) accepts DHE_xxx ciphers, I saw that it accepted and I didn't
do any configuration setting done for DH parameters explicitly.
But I couldn't verify what is the key length did it use by default
512/1024/2048 ?
Hi Hubert,
Thanks..
I tried the command you mentioned i.e.
openssl s_client -connect hostname:443 -cipher EDH /dev/null 2/dev/null |
grep 'Server Temp Key'
But it didn't output anything.
Thanks Regards,
Nayna Jain
From: Hubert Kario hka...@redhat.com
To: openssl-dev@openssl.org
Cc
Ok, I think this is what I didn't know. I was using openssl 1.0.1g client.
I still didn't have openssl 1.0.2 .
Thanks..
Thanks Regards,
Nayna Jain
From: Salz, Rich rs...@akamai.com
To: openssl-dev@openssl.org openssl-dev@openssl.org
Date: 05/22/2015 09:31 PM
Subject:Re
,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
couldn't get much information.
Since the error seems to be too much code level, sending it to openssl dev
group also, along with openssl users group.
Thanks Regards,
Nayna Jain
__
OpenSSL Project
reason comes is as - it as mismatch issue between server and client SSL
connection either protocol or certificates like that..
Thanks Regards,
Nayna Jain
From: Brad House b...@monetra.com
To: openssl-dev@openssl.org,
Date: 04/21/2014 04:48 PM
Subject:Re: SSL negotiation failed
is loaded by default ?
Thanks Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager
,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
this error. earliar I was getting Digest
to big in size for rsa
Can someone please explain this ?
Thanks Regards,
Nayna Jain
__
OpenSSL Project http://www.openssl.org
Development Mailing List
?
If possible, also if someone can explain that how SSLv23 is able to
handshake with both TLSv1_2 related APIs as well as SSLv3 related APIs.
Thanks Regards,
Nayna Jain
__
OpenSSL Project http
18 matches
Mail list logo