(Re-Aligning)
Hi,
I am trying to build FIPS capable openssl 1.0.1c.(Cross Compiling, but both
OS s are linux x86_64)
Following are the steps i followed-
1) Downloaded openssl-fips-2.0.2.tar.gz
untared and build object module in /common/openssl/openssl-fips-2.0.2/
using -
On Wed, Mar 13, 2013, Cipher wrote:
(Re-Aligning)
Hi,
I am trying to build FIPS capable openssl 1.0.1c.(Cross Compiling, but both
OS s are linux x86_64)
Following are the steps i followed-
1) Downloaded openssl-fips-2.0.2.tar.gz
untared and build object module in
On Tue Mar 12 23:15:50 2013, thomas_harn...@symantec.com wrote:
When attempting to validate certificates using a CRL with the
X509_verify_cert setup, it fails w/ the error code 36 -
X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION
The extension in question is the AKID - Authority Key Identifier
Dr. Stephen Henson wrote
On Wed, Mar 13, 2013, Cipher wrote:
(Re-Aligning)
Hi,
I am trying to build FIPS capable openssl 1.0.1c.(Cross Compiling, but
both
OS s are linux x86_64)
Following are the steps i followed-
1) Downloaded openssl-fips-2.0.2.tar.gz
untared and build object
I can provide a staticly linked version of s_client with debug
symbols if you think that's useful. But I would still need
to know what to ask.
I can't really think of anything specific to ask either. As suggested
first step would be to try to reproduce with statically linked openssl
is is badly written),
I think the verification of a chain in the ess was not appropriate
logic.
regards
*** openssl-SNAP-20130313/crypto/ts/ts_rsp_verify.c 2013-01-11 15:13:43.0 +0100
--- openssl-SNAP-20130313-ps/crypto/ts/ts_rsp_verify.c 2013-03-13 14:49:32.047821036 +0100
On Wed, Mar 13, 2013 at 01:42:07PM +0100, Andy Polyakov via RT wrote:
Actually my intention was to test if the problem can be reproduced with
*same binary*. That's why I suggested that you, Kurt, compile one and
hand it to user. Other way around would also work, i.e. user hands over
the
On Wed, Mar 13, 2013 at 01:42:07PM +0100, Andy Polyakov via RT wrote:
Actually my intention was to test if the problem can be reproduced with
*same binary*. That's why I suggested that you, Kurt, compile one and
hand it to user. Other way around would also work, i.e. user hands over
the