FYI: I'm a relative novice when dealing with SSL encryption. So
please bear with me if I ask pointless questions.
Background Info:
My current project is securing a wireless network. I activated the
WEP encryption and setup the nodes but from all the documentation I've
read WEP is not enough.
I'll answer several messages at once in this mail.
Nils Larsch [EMAIL PROTECTED] wrote:
Try:
[EMAIL PROTECTED]
[dist_point]
dirName=dir_name
[dir_name]
C=FI
O=SSH Communications Security Corp
CN=SSH Test CA 2 No Liabilities
this works for me (note: I'm using 0.9.8-dev).
Perhaps this is a Windoze-specific problem, but I'm not able to set the callback method as an object-method.
Is it impossible?
-- kov
Directly... yes, it is impossible.
Indirectly, is possible. You'll need to create a C
callback to pass to set_verifythat calls your object method with the
object pointer. you'll need to create a c++analog of the set_verify
that'll take the object pointer and method callback.
Just par for
Title: Client Side Certificate model
Hi all
I need to implement a client side certificate model for SSL, specifically, the client side (the server side is developped by another party of which I won't have access to until the end of the implementation). The Key exchange algo. used will be
Hello Denis,
Babineau, Denis wrote:
I need to implement a client side certificate model for SSL,
specifically, the client side (the server side is developped by another
party of which I won't have access to until the end of the
implementation). The Key exchange algo. used will be RSA and the
I don't think it really works - I certainly never got it to work.
Most likely becuase you don't have the keys.
1. ssldump has the keys.
This means that ssldump must have the *private keys* of the server and, if
they're used, of the client as well. In other words you are setting
ssldump
Does anyone know if STUNNEL program support
CRL in any way(PEM file format like Apache or more sophisticated way)?
I check the www.stunnel.org
It does not say "it does not support"
But it ddoes not say "it supports" either.
There is not option or stunnel.conf setting for
On Fri, 2003-11-07 at 14:26, Rich Salz wrote:
I don't think it really works - I certainly never got it to work.
Most likely becuase you don't have the keys.
Bzzt - sorry - I'm not that stupid today ;-)
If I do ssldump -Ad -i eth0 -k server-cert.pem host me and port 443,
where