On Sat, Aug 25, 2001 at 07:41:08AM +0100, Andrew Cooke wrote:
> How does she create the fingerprint? - I looked and could not find a way to
> do it with openssl (only fingerprints for certificates seem to be supported).
openssl md5 filename
(or openssl sha1 fingerprint)
Best regards,
Lu
At 10:03 PM 8/24/01 +0200, you wrote:
>On Fri, Aug 24, 2001 at 05:28:43PM +0100, Andrew Cooke wrote:
> > What I should have asked is how to detect a *substitute* request. It will
> > be self-consistent, but will not match the correct private key.
> >
> > One solution is to show that the certifica
On Fri, Aug 24, 2001 at 05:48:28PM -0400, James A. Russo wrote:
>
> I looked through the apps and could not find any which did this.
>
> I have a X509 * and EVP_PKEY * structure and want to be sure that they do
> in fact match. So if they are invalid I can just not install them for use
> in the
This has been one long battle, made messy later on by my having to work backward from
0.6.6b to 0.9.6 in order to get a compile under UnixWare7.1.1
I have followed the advice Alex Pircher has kindly provided. Basically, that meant
following through the creation of the RSA provate key for the se
On Fri, Aug 24, 2001 at 05:28:43PM +0100, Andrew Cooke wrote:
> What I should have asked is how to detect a *substitute* request. It will
> be self-consistent, but will not match the correct private key.
>
> One solution is to show that the certificate and private key are consistent
> after si
Are you trying to import the certificate from a file that contains a
human-readable certificate before the
-BEGIN CERTIFICATE
line? If so, delete everything up to (but not including) that line and try
again.
Andrew
At 12:33 PM 8/24/01 -0500, you wrote:
>I am getting an error
>keytool
On Fri, 24 Aug 2001, Joshua Chamas wrote:
> Bob Niederman wrote:
> >
> > I'm using Crypt::SSLeay 0.29 with LWP::UserAgent 1.73.
> >
> > I'm trying to use a proxy. As noted in the doc, $us->proxy() doesn't
> > work.
> >
> > However, the workaround suggested:
> >
> > "
> > $ENV{HTTPS_P
Hi,
I'm using Openssl Non-Blocink mode, so that the eap and tls thing could
work. And working too. And since ppp-eap-tls thing does not say anything
about that u should have exact tls handshake packets, rather it says tls
messages.. so u don't have to put efforts in getting exact tls handshake
me
Aslam,
Any success doing this. I'm thinking of using Openssl
for the same purpose. Please let me know.
Regards,
Prashant.
-Original Message-
From: Aslam [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 08, 2001 11:41 AM
To: '[EMAIL PROTECTED]'
Subject: Getting actual blobs of ssl3 / tls1 m
Ya I'm doning it.. U have any questions??
Aslam
-Original Message-
From: Prashant Kumar [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 24, 2001 3:11 PM
To: [EMAIL PROTECTED]
Subject: PPP EAP-TLS Protocol
Hello Group,
Did anyone try implementing PPP EAP-TLS protocol[RFC 2716] using
Op
Hello Group,
Did anyone try implementing PPP EAP-TLS protocol[RFC 2716] using
Openssl code.
Thanks a lot.
Regards,
Prashant.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Is your program multi-threaded? If so, did you register the ssl locking
callback function and implement locks?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ashada Karunaratna
> Sent: Friday, August 24, 2001 1:31 AM
> To: [EMAIL PROTECTED]
> Subj
I am getting an error
keytool error: java.security.cert.CertificateException: IOException:
Sequence tag error
when i try to import s sign certificate into the keystore (JDK 1.3 on
Solaris 8) keytool.
I have seen a lot of posting on this on the web but no resolution Can
anyone help please
Ilya
---
Bob Niederman wrote:
>
> I'm using Crypt::SSLeay 0.29 with LWP::UserAgent 1.73.
>
> I'm trying to use a proxy. As noted in the doc, $us->proxy() doesn't
> work.
>
> However, the workaround suggested:
>
> "
> $ENV{HTTPS_PROXY} = 'http://proxy_hostname_or_ip:port';
> $ENV{HTTPS_PROX
If there's a solution using existing code (ie the openssl utility) then I'm
asking the same questions (in effect) in the "Practical CA problem"
threads, so you might want to look at any answers that appear there
(hopefully!) too.
(You could also encrypt and then decrypt some data - if you ge
Hi,
Currently we here are trying to develop a product using the ACE SSL library,
and have problems with our executable, which outputs the following error
message :
1:error:140A90A1:SSL routines:SSL_CTX_new:library has no
ciphers:ssl_lib.c:1173:
set_mode ERROR
(18549|1) ACE_SSL_SOCK_Strea
I'm using Crypt::SSLeay 0.29 with LWP::UserAgent 1.73.
I'm trying to use a proxy. As noted in the doc, $us->proxy() doesn't
work.
However, the workaround suggested:
"
$ENV{HTTPS_PROXY} = 'http://proxy_hostname_or_ip:port';
$ENV{HTTPS_PROXY} = '127.0.0.1:8080';
Use of the HTTP
I looked through the apps and could not find any which did this.
I have a X509 * and EVP_PKEY * structure and want to be sure that they do
in fact match. So if they are invalid I can just not install them for use
in the server and throw an error. I'm using RSA keys if that makes a
difference.
t
At 05:28 PM 8/24/01 +0100, you wrote:
>At 05:17 PM 8/24/01 +0200, you wrote:
>> Just verify the signature of request with : openssl -req -verify -in
>>requestfile
>
>Thank-you, but I made a mistake asking the question.
I was supposed to say Sorry too, at that point!
_
At 05:17 PM 8/24/01 +0200, you wrote:
> Just verify the signature of request with : openssl -req -verify -in
>requestfile
Thank-you, but I made a mistake asking the question.
What you are suggesting will detect a modified request (which is what I
wrote), but not someone substituting a diffe
"Ludovic FLAMENT" <[EMAIL PROTECTED]> writes:
> Just verify the signature of request with : openssl -req -verify -in
> requestfile
>
> When a user make a request, he sign them with private key, so if anyone
> change the contents of the request, the signature verification failed.
Hmm, ha
Andrew Cooke wrote:
>
> Hi,
>
> How do I detect whether a certificate request (in particular, the public
> key) has been modified before signing?
Hi,
probably I missed the point but may requests have signed contents. The
PKCS#10 also has the subject signed while the SPKAC has only a key challe
>the openssl verify command checks CA chains, not certificate/key pairs.
No it is not true. The verification is on the signature of the
certificate request.
Example :
$>openssl req -in my.req -verify -noout
Using configuration from /usr/local/ssl/openssl.cnf
verify OK
$> openssl asn1pa
Just verify the signature of request with : openssl -req -verify -in
requestfile
When a user make a request, he sign them with private key, so if anyone
change the contents of the request, the signature verification failed.
--
Ludovic FLAMENT.
- Original Message -
From: "Andrew C
Hi,
How do I detect whether a certificate request (in particular, the public
key) has been modified before signing?
The only solutions I can see are:
- doing an explicit test using private and public key
- checking the public key data in request and certificate by eye
I cannot see any way of
I am trying to configure an application to use openssl
(courierimap to be exact). I keep getting the error
starttls: accept: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number
in the log files... Both the client and server are
usign the same exact version of openssl. namely
ope
While working on some proper C++ wrapper classes for OpenSSL, I
realized that while there are EVP_PKEY structs for asymmetric
keys, there is no such thing for symmetric ciphers (DES in my
case).
Did I just miss something while going through the source code or
is using the des_* APIs the only
27 matches
Mail list logo