That did it! Thank you, I'm neck deep into code that I don't fully
understand, I greatly appreciate the help.
Mike
On Wed, Apr 27, 2011 at 3:54 PM, re est wrote:
> Hi,
> Have you tried changing this
> if (!X509_sign(x,pk,EVP_sha1()))
> to
> if (!X509_sign(x,pk,EVP_sha256()))
>
>
Hi,
Have you tried changing this
if (!X509_sign(x,pk,EVP_sha1()))
to
if (!X509_sign(x,pk,EVP_sha256()))
On Thu, Apr 28, 2011 at 4:13 AM, Mike Markley wrote:
> I am creating a self signed x509 certificate using code based on the
> mkcert.c sample code included in the OpenSSL d
Thanks for the response, using -sha384 appears to be working and
verifies correctly.
Mike
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Sunday, April 24, 2011 4:17 AM
To: openssl-users@openssl.org
Su
I suspect client behavior is incorrect. It could have to do with 1.1
HTTP, especially if client is PHP (because of 100 continue
problems). There are several other documented delays including a 15
second default keep alive. There is also a cURL problem that can
cause this on the client side.
>> Hi,
>>I need to compile OpenSSL only with support for Symmetric
>> encryption - only 3DES support. How I can remove all unneeded stuff?
>> Can you give an advice what to remove and how to remove it?
>
>
>I suppose one approach would be to run a test suite that does just what
>yo
On 04/27/11 12:39 PM, derleader mail wrote:
Hi,
I need to compile OpenSSL only with support for Symmetric
encryption - only 3DES support. How I can remove all unneeded stuff?
Can you give an advice what to remove and how to remove it?
I suppose one approach would be to run a test suite t
I am creating a self signed x509 certificate using code based on the
mkcert.c sample code included in the OpenSSL demo sources. I need to
set the algorithm to sha256WithRSAEncryption and I cannot figure out
how to do this with the APIs. I always end up with
sha1WithRSAEncryption. Am I trying to do
Hi,
> Thanks for the input guys, however the 15 second pause exists even if i
> explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
> httpd.conf and my server is operating on an internal network in a company so
> although i cant say for sure i doubt there is much IPV6 stuff ar
Hi,
I need to compile OpenSSL only with support for Symmetric encryption - only
3DES support. How I can remove all unneeded stuff? Can you give an advice what
to remove and how to remove it?
Regards
Peter
Dear OpenSSL Community,
I am a new user of OpenSSL and have a pretty simple question. I'm
trying to create a self-signed certificate and so far has done the
following.
Step 1)>openssl genrsa -des3 -out server1.key 1024
Step 2)This asked for a password and I made a password "asdf"
Step 3) >ope
Matthew Fletcher wrote:
Hi,
Thanks for the input guys, however the 15 second pause exists even if i
explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
httpd.conf and my server is operating on an internal network in a company so
although i cant say for sure i doubt there is
* Matthew Fletcher, Wednesday, April 27, 2011 12:40 PM
> I guess that does not 100% rule out DNS/Network stuff, as SSL
> could be doing extra network lookups.
>
> Are there any more SSL diagnostics i can enable to try and
> pinpoint the problem ?
maybe checking with strace -ttt -p ... which op
Hi,
Just to test if my slowness is SSL or DNS/Network related i switched the server
in http mode and got the guys to re-connect. Connection times are now
sub-second. So my slowness is definatly https / SSL related.
I guess that does not 100% rule out DNS/Network stuff, as SSL could be doing
ex
Hi all,
I've been looking for a way to bind the openssl s_client command line
tool to a certain outgoing IP on a multi-IP host and all I've found was
a thread on how to do that using the library:
http://marc.info/?l=openssl-users&m=127166957110771&w=2
Is there maybe some obscure bind option the l
On Tuesday 26 Apr 2011 19:35:48 Mounir IDRASSI wrote:
> Hi James,
>
> I got the the correct certificate chain from my Windows 7 box. Microsoft
> tends to update its trusted CA certificates store more quickly and
> regularly than Mozilla or Linux distros: the latest update was last
> month on March
Hi,
Thanks for the input guys, however the 15 second pause exists even if i
explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
httpd.conf and my server is operating on an internal network in a company so
although i cant say for sure i doubt there is much IPV6 stuff around.
D
16 matches
Mail list logo