Hello,
I still have not found a solution for the below problem. Can anyone
offer any help?
Cheers
Nico
Von: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] Im Auftrag von Nico Flink
Gesendet: Mittwoch, 23. November 2011 12:12
A
Thanks Jakob; that's simple and elegant, and a much better fit for how my
authentic channel operates.
I'm not quite sure what you mean by the phrase 'all the "encrypted"
handshake
traffic up to a specific point'. I think it should work if I hash the
entire handshake, which I could collect using th
Hi Dave,
Thanks for the reply.
Some more followup questions here:
In case of a server application, it is expected to send
> the intermediate certificates to the client. And in this case,
> is this API -- SSL_CTX_load_verify_locations(
) sufficient to be used?
> Or is there a separate API to send
Please can you advise how I can add a Friendly name to a CA Certificate
using OpenSSL ?
Many thanks
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-use
Here is my proposal based on experience doing something similar:
1. Establish the TLS session with a strong DH agreement, but no
certificate or an untrusted unchecked server certificate. While
establishing the TLS session, hash all the "encrypted" handshake
traffic up to a specific point with a
Two realistic options:
A) Use the "-passin" option to the openssl tool, this can be used to
specify that the password should be read from a pipe, whose output
comes from a program that obtains it in some secure way and which
is only willing to output it under the right circumstances.
I don't rem
I know. that's why i'm looking for a way, where I can provide it in some
way other than needing to interact with system.
2011/11/29 Curt Sampson
> On 2011-11-29 04:15 +0100 (Tue), Peter wrote:
>
> > It generally works, but after the command above is sent, i have to type
> in
> > pass phrase manu
Dear Users,
I have released version 4.49 of stunnel.
The ChangeLog entry:
Version 4.49, 2011.11.28, urgency: MEDIUM:
* Bugfixes
- Missing Microsoft Visual C++ Redistributable (msvcr100.dll)
required
by FIPS-compliant OpenSSL library was added to the Windows
installer.
- A bug was fi