Once I have got serv.o, I link it with a line like this on my
sun-Solaris:
g++ serv.o -L (path to your openssl installation)/openssl/lib -lssl
-lcrypto -lsocket -lnsl -o serv
It's all the same for cli.
Try to be more specific. Which libraries are not found?
Albert Serra wrote:
Sorry, but
Raghuram Belur wrote:
I am wondering if it is possible to use some simple cross-platform
[PRNG] on the client which is probably not too hard to guess and use
a more robust mechanism such as an entropy gathering daemon on the
server
You will have to be very careful. For example, if you use
Thank you,
now the problem is:
with server when I execute it it appears on the screen that:
[23=0]serra@lsisun4/~/OpenSSL/opensslsun/demos/ssl>server
28901:error:02001002:system library:fopen:system lib:bss_file.c:244:fopen('./foo-cert.pem','r')
28901:error:20074002:BIO routines:FILE_CTRL:system
On Wed, Jun 21, 2000 at 11:21:03AM +0200, Petr Zeman wrote:
Hallo!
Can you help me with my new problem with APACHE?
I would like to install SSL into my APACHE.
I downloaded source of APACHE 1.3.12, mod_ssl-2.6.4.-1.3.12, openssl-0.9.5a,
complied it and install it (as is written in mod_ssl
hello!
There is a nice text on the theory of PRG:s by Goldreich downloadable
for free at his homepage if somebody is interested.
http://theory.lcs.mit.edu/~oded/frag.html
Another general tip on Crypto texts for free is lecture notes by
Bellare:
http://www-cse.ucsd.edu/users/mihir/papers/gb.html
Here is a document written by Lenya Khachaturov that has helped me to
install the certificates created for the MSIE or Netscape client :
-Message d'origine-
De: Martin Kraemer [SMTP:[EMAIL PROTECTED]]
Date: mercredi 21 juin 2000 12:59
À:Petr Zeman
Cc: [EMAIL PROTECTED]
Ah, no they just have a later expiration date.
Bob McConnell
-Original Message-
From: Rich Salz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 20, 2000 10:22 PM
To: [EMAIL PROTECTED]
Subject: Re: "Suspending" certificate
But as someone pointed out, to complicate things
Folks,
I wonder why people think that thousands of real life
procedures concerning the production of 'valid documents'
can be simply replaced by a digital signature and a timestamp.
The IETF actual timestamping just uses signatures, thus
the problem of putting a document in time also applies
You can look at http://www.apache-ssl.org under the FAQ and it has step by
step instructions if you find you need more information...Helps even if you
aren't using apache-ssl...
You might also need to add a "chain" / "intermediate" cert
Check out: http://www.verisign.com/cus/srv/install/g/
Albert Serra wrote:
You need a certificate and a private key, which are in different files.
Look at the references tab in the openssl page. There is a text called
SSleay Certificate Cookbook which explains the way to make your own
certs and keys.
Thank you,
now the problem is:
with server
It's beginning to look like your problems have to do with basic C
programming competancy. You need to get up to speed on how to make your
compiler work before you can ask for help here.
-Original Message-
From: Albert Serra [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 20, 2000
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
As much as I understand, every certificate (user or CA) has limited time
to
live and after user certificate or any of his/her CA certificate has
expired,
it is no longer possible to verify it, what may be serious source of
problems
A lot of people seem to want a preview of what I do, so here it is,
the current snapshot of the OCSP stuff I'm working with, available
at http://www.stacken.kth.se/~levitte/OpenSSL/. Note that there are
two variants, one with patches relative to OpenSSL 0.9.5a and one
relative to the current
To build a legally royalty free SSL
implementation
what RSA algorithms do I need to abstain from
using?
When does the RSA patent expire?
1. The apps/req.exe
utilitygeneratesthis key thatI use
to for the certificate authority
in apps/CA.exe.
-BEGIN RSA PRIVATE KEY-Proc-Type:
raghuram belur wrote:
Unfortunately, requesting input from the user is not
an option for the application that I am working on.
This is one of the reasons why I am trying to see if
there is a way to "dumb down" the randomization on the
client and make it mostly a server side issue. I am
Hello again, folks. I have a bit of a dilemma here.
Yes, you do.
You need to look at what you are trying to protect yourself from.
For example, are you worried that someone can download your database?
If so, why are you not worried that they could download your decrypt program?
If they can
To build a legally royalty free SSL implementation
what RSA algorithms do I need to abstain from using?
When does the RSA patent expire?
*ALL* RSA algorithms are covered by patent until Sept 20.
If you need to work with current browsers, pragmatically speaking you
must have RSA.
1. The
Thanks for the info. I have a follow-up question based
on my specific situation. The cipher suite I am
forcing the client and server to negotiate to is
EDH-RSA-DES-CBC3-SHA(I am also requiring sslv3). That
being the case, is not having true randomness on the
client a risk? How good is the
On win32/NT.
When I try to create a self signed certificate I am getting
the PRNG not seeded error.
Okay, so that's got something to do with the random number
generator not being seeded. (as far as I can tell)
Now when I generated a private DSA
I have a /dev/urandom, and openssl reads 16 bytes from it. However the
PRNG still reports insufficient entropy. Anyone have any idea why, and
how I can fix it? (besides using the -rand option)
Taral
__
OpenSSL Project
On 21 Jun, Ulf Möller wrote:
On Wed, Jun 21, 2000 at 03:41:58PM -0500, Taral wrote:
I have a /dev/urandom, and openssl reads 16 bytes from it. However the
PRNG still reports insufficient entropy. Anyone have any idea why, and
how I can fix it? (besides using the -rand option)
Which
Hello again,
What ciphers specifically related to DSA or can
use DSA ?
-Translation-
I need to connect to a server that supports using
RSA and DSA and want to be sure it connect with
DSA. The server is going to authenticate my client
From: Lutz Jaenicke [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 20, 2000 1:09 PM
On Tue, Jun 20, 2000 at 01:51:34PM -0400, Bill Rebey wrote:
[what's the PRNG seed data used for, and why is it important?]
The question is not the amount of data, it is the amount of
24 matches
Mail list logo