Frederic Evrard wrote:
I'm using open-ssl to do EAP-TLS authentication, then I've a question
about something strange for me.
When you want to use TLS to mount an encrypted tunnel, you need a
session
key, but in authentication you only need certificate checking ?? Why
generate
Hi .,
Is it possible that to have certificates in other formats like PKCS
apart from PEM/DER? In that case how can we convert the PKCS to X509
format?Is there any interface available on openssl? What way we can
identify the format of the certificate. According to my understanding
DER and PKCS
[EMAIL PROTECTED] wrote:
Hi .,
Is it possible that to have certificates in other formats like PKCS
apart from PEM/DER? In that case how can we convert the PKCS to X509
format?Is there any interface available on openssl? What way we can
identify the format of the certificate. According to my
Hi all,
I've been struggling with this one for few weeks now i
hope someone here already seen this error.
I'm using openssl version OpenSSL 0.9.7d 17 Mar 2004
When i try to sign a certificate i'm getting the
following error message:
openssl ca -in s.pem
Using configuration from
Hello,
To answer my own question, the below problem was being caused by the Eudora bug
being present on our LDAP-S server side, i.e. we had to set the option
DONT_INSERT_EMPTY_FRAGMENTS on the client for it to work.
Regards,
David Hansen
-Original Message-
From: Hansen, David-E
Hi.,
I will be getting the certificates in a buffer in DER format.The buffer
of 2048 bytes contains the following data I am copying the initial few
bytes and then the trailing bytes.:
With the start bytes we can identify as DER format. When I pass this
buffer to d2i_X509() it fails.
[EMAIL PROTECTED] wrote:
Hi.,
I will be getting the certificates in a buffer in DER format.The buffer
of 2048 bytes contains the following data I am copying the initial few
bytes and then the trailing bytes.:
With the start bytes we can identify as DER format. When I pass this
buffer to
Jim Catty wrote:
Hi all,
I've been struggling with this one for few weeks now i
hope someone here already seen this error.
I'm using openssl version OpenSSL 0.9.7d 17 Mar 2004
When i try to sign a certificate i'm getting the
following error message:
openssl ca -in s.pem
Using configuration from
Attached the cert dump..
What is dumpasn1? How can I take that?
Thanks.,
Sakthi S G
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
Sent: Tuesday, July 13, 2004 5:47 PM
To: [EMAIL PROTECTED]
Subject: Re: d2i_X509() failed.
[EMAIL
Bonjour,
On Tue, 13 Jul 2004 [EMAIL PROTECTED] wrote:
Attached the cert dump..
Do this on a well installed Unix machine:
sed 's/0x//g' cert_dump.txt | tr -d ',' | perl -e 'while (STDIN) { print
pack(H*, $_); }' testcert.der
You'll have a new file named testcert.der, containing what your
[EMAIL PROTECTED] wrote:
...
What is dumpasn1? How can I take that?
It's nice ASN.1 tool written by Peter Gutmann, see:
http://www.cs.auckland.ac.nz/~pgut001/
Nils
__
OpenSSL Project
Frederic Evrard wrote:
Ok thanks, and this HMACs keys are used to forge
TLS Record Layer : Hanshake Protocol : Encrypted Hanshake Message
HMACs(shared secret+DAta).
Is it used to control integrity of the TLS Handshake packet ?
Not for ensuring the integrity of the TLS Handshake packets, but for
Thanks for the link..
Did you get the dump I have sent?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
Sent: Tuesday, July 13, 2004 6:29 PM
To: [EMAIL PROTECTED]
Subject: Re: d2i_X509() failed.
[EMAIL PROTECTED] wrote:
...
What is
[EMAIL PROTECTED] wrote:
Thanks for the link..
Did you get the dump I have sent?
yes, but as Erwann Abalea already wrote is the certificate
not correct
Nils
__
OpenSSL Project http://www.openssl.org
remove
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Hi,
I have a trouble writing https client.
It has so kind of code for initialisation:
SSLeay_add_ssl_algorithms();
*ssl_ctx = SSL_CTX_new (SSLv23_client_method());
*s = SSL_new (*ssl_ctx);
init_client (sock, host, port);
SSL_set_fd (*s, *sock);
SSL_connect (*s);
return SSL_do_handshake(*s);
16 matches
Mail list logo