Hello,
after I grep the whole include/ssl directory in the source-tree I had found
it.
Thankyou
Use chil instead of ncipher. The reason for this is that the
interface used is called CHIL (C{something} Hardware Interface
Library, IIRC, but nCipher folks will most probably have to correct
Hi Marc,
thanks for your help ! The problem for me was to find a function which
switches the socket to nonblocking mode.
Found function ioctlsocket(m_hSocket, FIONBIO, ulArg); with ulArg 0. :-)
Thank you !!!
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL
Hmmm...
I've compiled it with the same solaris-version and the same compiler. I also
have not the sys/bitypes.h and sys/cdefs.h. What development-packages from
SUN do you have installed? Do you use any flags with ./compile?
Ralf Schwiete
--
Ralf Schwiete
Dresdner Global IT Services
Tel.:
Hi all,
Can anyone help me where to find sample code for
"client certificate verification"
regards,
Siva K
How do you generate a CRL with the openssl tool?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager
My plan is to use OpenSSL to provide crypto for ucd-snmp (which uses des,
md5, and sha) and ssl for a web server (using rsa, 3des, and sha or md5). I
will also use it for certificate generation.
I'm going to do some code and makefile editing to get rid of everything else
I can, which I think
On Fri, 4 May 2001 08:32:26 -0400
George Lind [EMAIL PROTECTED] wrote:
How do you generate a CRL with the openssl tool?
Thanks,
George
__
OpenSSL Project http://www.openssl.org
User
On Fri, 04 May 2001 08:52:13 -0400
"Gregg Gibson" [EMAIL PROTECTED] wrote:
My plan is to use OpenSSL to provide crypto for ucd-snmp (which uses des,
md5, and sha) and ssl for a web server (using rsa, 3des, and sha or md5). I
will also use it for certificate generation.
I'm going to do
On Fri, 04 May 2001 21:55:21 +0900
RONDAN [EMAIL PROTECTED] wrote:
On Fri, 4 May 2001 08:32:26 -0400
George Lind [EMAIL PROTECTED] wrote:
How do you generate a CRL with the openssl tool?
Thanks,
George
__
On Fri, 4 May 2001 14:56:33 +0200
"Robin Gorris" [EMAIL PROTECTED] wrote:
Hi,
I have some questions on the verification callback function. By the way, I'm
using the SSL_VERIFY_PEER mode.
1. Is it best practice to put all the certificate checks in this callback
function?
2. Is it so
Title: RE: how to create CRL with openssl?
Hi,
Very simply :
openssl ca -gencrl -config config_file -out out_file
Then if You want to change format to DER
openssl crl -in in_file -outform DER -out out_file
To first command You can add information about next update if You don't want to
I am also thinking about to port openssl to an embedded system and noticed the
the discussion.
What sizes have you come down to ? and does your embeded system have filestorage ?
fopen() or is the certificates
stored in char []?
The core question is what i takes to port it to an embeded
On Fri, 04 May 2001 21:58:44 +0900
RONDAN [EMAIL PROTECTED] wrote:
On Fri, 04 May 2001 08:52:13 -0400
"Gregg Gibson" [EMAIL PROTECTED] wrote:
My plan is to use OpenSSL to provide crypto for ucd-snmp (which uses des,
md5, and sha) and ssl for a web server (using rsa, 3des, and sha or
Hello!
Like I say in the subject
How I can create a Cert Store?
Thanks in advance,
Regards,
Antonio.
--
--
Antonio Ruiz Martínez
Facultad de Informática-Universidad de Murcia
30001 Murcia - España (Spain)
Telf: +34-968-364644 e-mail:
I have (possibly) a similar problem. But just for the sake of completeness, is anyone
aware of a port to VxWorks? If I could hook up with the poor sod that's been through
this before that would probably save my hair at least.
-lee
Hello,
Could someone tell me where I could find some test
vectors for a DES in CBC mode?
Thank you.
Hi,
I am newbie to this group. I want to know more about keyEncipherment,
dataEncipherment, keyUsage, keyAgreement.
Can you please point to any documents or proper link to know the exact
definitions and usage.
Thanks in Advance.
Ravi
--
A man without a woman is like a statue without pigeons.
On Fri, May 04, 2001 at 02:56:33PM +0200, Robin Gorris wrote:
I have some questions on the verification callback function. By the way, I'm
using the SSL_VERIFY_PEER mode.
1. Is it best practice to put all the certificate checks in this callback
function?
Yes, I would recommend doing so, as
Hi
I have got a doubt regarding the 3DES-CBC implementation in openssl. Is it
implementing OUTER CBC or INNER CBC mode.
Thanks and Regards
Ivan
__
OpenSSL Project http://www.openssl.org
User
At 04:10 PM 5/4/01 +0300, Andreas Bäck wrote:
The core question is what [it] takes to port it to an embeded system.
FWIW: my number one worry about porting SSL to an embedded system is where
I get my entropy. Because my company sells embedded OS's to end
developers, I need a general solution
Lee,
unpredictable random numbers required for ssl client to set
pre-master secret, client key exchange message, rsa mode.
One can run a reverse solution with SSL client on a web server.
Unfortunately this breaks HTTPS. However, you still have
a secure solution and a CA in business :)
would
On Fri, 4 May 2001, Frédéric Viollet wrote:
Hello,
Could someone tell me where I could find some test vectors for a DES in CBC mode?
You could have looked for DES test vectors in a good web search engine,
such as Google. The second result gives you the URL:
It is critical to get the initial seed with as much entropy as possible and because
you are the OS vendor I don't believe you can do it yourself. I think it's up to the
end users to provide the seed. In the case of small embedded systems, it's a design
issue, to provide the required level of
- Original Message -
From: Erwann ABALEA [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 04, 2001 5:10 PM
Subject: Re: test vectors
Could someone tell me where I could find some test vectors for a DES in
CBC mode?
The last one on the first page is also interesting:
On Fri, 4 May 2001, Dilkie, Lee wrote:
It is critical to get the initial seed with as much entropy as possible
yes, it's traditional way to keep openssl' PRNG happy.
However, a random inside server hello is sent in clear
and it may be appropriate to use low-quality clock-based source here.
Antonio Ruiz Martínez wrote:
Hello!
Like I say in the subject
How I can create a Cert Store?
Thanks in advance,
Regards,
Antonio.
Are you thinking about the Java Keystore (and certs... also)?
--
Dott. Sergio Rabellino
Technical Staff
Department of Computer Science
Rabellino Sergio wrote:
Antonio Ruiz Martínez wrote:
Hello!
Like I say in the subject
How I can create a Cert Store?
Thanks in advance,
Regards,
Antonio.
Are you thinking about the Java Keystore (and certs... also)?
No, I'm thinking about the X509_STORE_CTX
Thanx for your reply. But about question 3. : which API returns Peer cert
verify depth=2? Which function returns the depth or where can I find it?
Once more TIA,
Robin
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
Sent: vrijdag 4 mei
Antonio Ruiz Martínez wrote:
Rabellino Sergio wrote:
Antonio Ruiz Martínez wrote:
Hello!
Like I say in the subject
How I can create a Cert Store?
Thanks in advance,
Regards,
Antonio.
Are you thinking about the Java Keystore (and certs... also)?
Hi,
Iam a newbie to openssl, trying to implement a
single threaded server and client. Does openssl come
with a default session manager? if not is there any
known implementation of session manager? My
requirement is to re use the session id's up to a
configurable time limit, ex: 10minutes.
30 matches
Mail list logo
