Hi,
There is nothing (that I could find) in the ocsp(1) doc on how to generate
OCSP responder certificates with openssl.
In the openssl.cnf you need:
[ ocsp_cert ]
extendedKeyUsage = OCSP Signing
then add -extensions ocsp_cert on the openssl ca command to generate
the cert.
Note the space in
Platform: NetBSD 1.6.1 x86 (full ./testlog attached below)
OpenSSL: 0.9.8b
openssl command fails to load, when built with
libssl and libprypto as both shared, and
the OS tries a good job on finding shared library dependencies on runtime.
[EMAIL PROTECTED] /usr/ssl/bin/openssl
Shared object
Setting a built-in shared library search path should be optional.
If you build a shared library based openssl dist for inclusion in a
software
distribution packet that can be installed in another location on
the target machine you don't want a built-in path to the
install location on the
On Thu, Aug 31, 2006, Simon McMahon wrote:
Hi,
I must have something wrong in the configuration file and there dont seem
to be samples to cover additional OIDs. I just want to know how to use the
'oid_section' in the openssl.cnf file correctly. Btw, I am simply adding
the OCSPsigning
Mats Nilsson wrote:
Hi
[OpenSSL-0.9.7i, Windows XP, sp2]
While hacking limited support for CMS compression on top of OpenSSL, I
accidentally sent a BER encoded CMS file (using compression) into
SMIME_read_PKCS7, which caused an access violation somewhere in: [Visual
studio 6 stack dump]
After commit of crypto/perlasm/x86unix.pl v.1.45:
$ ./config -g shared zlib make
...
gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -g -march=pentium -DL_ENDIAN -DTERMIO
-O3 -fomit-frame-pointer -Wall
Hi Steve,
Thanks for your reply. I found out what I did wrong.
Dr Stephen N. Henson wrote:
for details and examples. However the OID is already part of OpenSSL so
it
doesn't need to be added: it is called OCSPSigning though.
It appears to be called OCSP Signing which caused me a bit of a
On Fri, Sep 01, 2006, Simon McMahon wrote:
Hi Steve,
Thanks for your reply. I found out what I did wrong.
Dr Stephen N. Henson wrote:
for details and examples. However the OID is already part of OpenSSL so
it
doesn't need to be added: it is called OCSPSigning though.
It appears to
Typo in ms\uplink.c in openssl-0.9.8b
If the static 'applinktable' is already initialized, the block which
sets the local 'p' is not executed. After this block, 'applinktable'
should be used to lookup the max index and the function address.
Curiously, this doesn't cause problems when