If the files are stored locally in a directory, then you can specify to the CTX
the hash directory ( X509_STORE_load_locations(store,hashdir,rootfile) ), but
you need to name your certificate file(s) with the hash of the subject name of
the certificate. Or you could implement your own method: fo
David
This was part of a script I developed for a credit card gateway using Active
Perl 5.8.0. It basically imported a file, encrypted and sent it and then
parsed the response out to another file. I installed openssl and installed
the netssleay 1.32 pm in Active Perl. I also used a similar script
xxx:~$ openssl s_client -connect ecc.fedora.redhat.com:8443 -ssl3 -state -debug
CONNECTED(0003)
SSL_connect:before/connect initialization
write to 0020BFC0 [00132000] (86 bytes => 86 (0x56))
- 16 03 00 00 51 01 00 00-4d 03 00 48 5a a5 74 38 Q...M..HZ.t8
0010 - 59 cc f7 49 e3 a2 ee f4
I'm writing code in C++ and to validate a certificate I need to verify it's
chain back to the root certificate.
The method that validates the certificate also needs the root certificate
file name. How can
I determine the root certificate file name for a given certificate? I know
the directory where
Ok Great!! Thanks, I'll give it a try...
David M. Funk
President/CEO
Tivoli Certified Enterprise Consultant
Specializing in Network and Systems Management Solutions
Trinity Solutions
604 Cassandra Dr.
Cranberry Twp., PA 16066
Phone: 724-316-0721
Fax:
> for (nread = 0; nread < sizeof(buf); nread += err)
> {
> err = SSL_read(client_conn, buf + nread,
> sizeof(buf) - nread);
> if (err <= 0)
> break;
> }
Umm, this doesn't look like
PUT is part of the DAV specification. I'm seeing
http://www.webdav.org/perldav/ as being a good start. It states that
Crypt::SSLeay (and thus openssl) is necessary for getting HTTPS
support into LWP, which the HTTP::DAV module uses.
-Kyle H
On Thu, Jun 19, 2008 at 7:27 AM, David M. Funk <[EMAIL
Uh, what is the actual behavior? Have you attempted to debug it with
openssl s_client? Have you attempted to figure out what a real
webserver, such as Apache, does with the same input?
This is not a general "we will debug your code for you" list, but we
can point you in the directions to look fo
Hi,
I have problems to establish a SSL connection where the server certificate is
based on an EC key. I first tried via the c-api, but I can't make it working
even with the command line tool. This is what I did:
xxx:~./openssl ecparam -name secp256r1 -genkey -out ecc1.pem
using curve name pr
You can see that error when you are opening the cert file in Konqueror
or Windows Explorer.
I just found out that it works when I'm adding the "keyCertSign" flag to
"keyUsage".
But I don't understand the background why this is necessary.
Is there any documentation available about this extension
Yea that's what I tried earlier and couldn't get to work..
Thanks for your reply though.
David M. Funk
President/CEO
Tivoli Certified Enterprise Consultant
Specializing in Network and Systems Management Solutions
Trinity Solutions
604 Cassandra Dr.
Cranberry Twp., PA 16066
From: [EMA
On Wed, Jun 18, 2008 at 5:33 PM, Julius Davies <[EMAIL PROTECTED]>
wrote:
> Your very first code example (without the context) should be fine!
> There is no need to set any ciphers. Java has a list of ciphers it
> will automatically try to use.
>
> If you like downloading jar files, here's anothe
Hi,
I tried to implement a simple HTTPS server using openssl.
The Server establishes an SSL connection, receives input and searches
the input for GET string. If string is found it is supposed to send a
"static" response to the client.
The client here can be any browser.
I am able to establish the
I don't have any examples, but check out
http://search.cpan.org/dist/libwww-perl/lib/HTTP/Request/Common.pm
Using LWP and a PUT operation seems to be pretty straightforward if this
document is to be believed.
Jim.
On Wed, Jun 18, 2008 at 3:40 PM, David M. Funk <[EMAIL PROTECTED]> wrote:
> Anybo
Hello
I'm creating a self-signed x509 certificate with some extensions.
I have to set DNS and URI in subjectAltName,
keyUsage and extendedKeyUsage.
Sample:
subjectAltName = URI:opc.tcp://FOO:4840, DNS:FOO
keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
extendedKeyU
15 matches
Mail list logo