Hi,
The certificate on JetDirect can be used for both client and server
authentication. JetDirect expects the installed certificate to contain
extendedKeyUsage extension with the values serverAuth and clientAuth. Add the
following line extendedKeyUsage = clientAuth, serverAuth in the section
Hi, Steve,
On this issue, I'd like to ask
more on OCSP verifying case.
If I have to insert all the
certificatesofthe chain ( my understanding is from ROOT CA to signer
of the OCSP response signer) into the STORE in default case, what is the stack
used for?
for example,
I am now having
Steve,
Thanks - now, this works. Perhaps you want to take the (typical) full path
of sendmail into your example since novices like myself don't have /usr/sbin
in their path.
Rgds r.
-Original Message-
From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED]
Sent: Freitag, 11. Juli 2003 20:49
I put that in my openssl.cnf in the [ usr_cert ] section, and did:
openssl x509 -req -in hplj4600dn1.csr -CA ultimeth.pem -days 3650 -set_serial 01 -out
hplj4600dn1.crt
It didn't help; here's what openssl x509 -in hplj4600dn1.crt -text -purpose shows:
Certificate:
Data:
Version: 1
I'm following the CA recipe examples to do a CA setup under an AIX 5
environment.
http://home.himolde.no/~kd/prosjekt/ca/ca.html
openssl version 0.9.7
Browsers to test the client: Mozilla 1.0 or Netscape 7.01
When i try to sign the client certificate request...
openssl ca -spkac certreq.9484
I'm not sure that this is AT ALL relevant but I noticed that the
issuer CN has a wildcard and I wonder 1) what this means, and
2) if this could be confusing something?
Dean Gibson (System Administrator) wrote:
openssl x509 -req -in hplj4600dn1.csr -CA ultimeth.pem -days 3650 -set_serial 01 -out
What does certreq.9484 look like? Especially when decoded with
the openssl spkac tool?
David García Aristegui wrote:
I'm following the CA recipe examples to do a CA setup under an AIX 5
environment.
http://home.himolde.no/~kd/prosjekt/ca/ca.html
openssl version 0.9.7
Browsers to test the
At first, the certreq. is
more certreq.8558
commonName = Client Example
emailAddress = [EMAIL PROTECTED]
organizationName = Org
organizationalUnitName = Unit
localityName = Madrid
stateOrProvinceName = Madrid
countryName = ES
SPKAC =
In message [EMAIL PROTECTED] on Mon, 14 Jul 2003 17:34:21 +0200, David García
Aristegui [EMAIL PROTECTED] said:
david At first, the certreq. is
david
david more certreq.8558
david
david commonName = Client Example
david emailAddress = [EMAIL PROTECTED]
david organizationName = Org
david
how can i compile openssl-0.9.7b.tar.gz with the
openssl-devel option?
In message [EMAIL PROTECTED] on Tue, 15 Jul 2003 00:10:11 +0800, LaCraze [EMAIL
PROTECTED] said:
lacraze how can i compile openssl-0.9.7b.tar.gz with the openssl-devel option?
I don't understand your question. What is you goal?
--
Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED]
I used to generate a self-signed certificate for each hostname I was using for an SSL
connection (www.ultimeth.net, imaps.ultimeth.net, smtp.ultimeth.net, etc. ...). Then
a couple weeks ago in browsing the Internet, I happened across this site:
http://www.freessl.com. I noticed that they
It seems to me that it is in the best interest of the major
CAs to not offer wildcard certificates; that way, they can
charge their outrageous prices for each certificate that you
need, and when you happen to change a hostname, they are
right there at the trough looking for more money.
hi all,
i want to implement CRL check.
but when i use flag: X509_V_FLAG_CRL_CHECK,
the compiler tells me that it is an undelared indentifier.
i use openssl-0.9.7b.
i don't why, i can't find it from any head files under openssl.
anybody can give a clue to me?
thx a lot.
jacky
Richard Levitte - VMS Whacker wrote:
I see a number of embedded charriage returns (^M). hos need to be
removed.
Yes. My current experimental code does this, I don't believe I
would have put it in if it were not necessary:
} elsif ( $req=$data-{'spkac'} ) {# Netscape SPKAC
# $$
15 matches
Mail list logo