On Mon, Oct 01, 2012, Abhiram Shandilya wrote:
Is there a way to add a specific signature_algorithm extension when using
s_client to connect to an SSL server? Why does s_client negotiate
ECDH-RSA-AES128-SHA256 when I use the cipher ECDH-ECDSA-AES128-SHA256? Is
this because they are equivalent
Greetings Earthling,
I am not much of an expert on the matter of CAs but I jump in with
some knowledge I have until now.
Inline.
On Tue, Oct 2, 2012 at 10:42 AM, Darod Zyree darodzy...@gmail.com wrote:
Greetings,
I am confused about something and I could not find the information I
was
On 10/2/2012 9:42 AM, Darod Zyree wrote:
Greetings,
I am confused about something and I could not find the information I
was looking for.
We are planning to set up our own Certificate Authority server on our
internal network.
After having read several how-to’s, and other documentation on how
Hello colleagues!
I need help with revocation of client certificate in OpenSSL (v 0.9.8n).
I have setup a CA with self-signed certificate so I can generate and sign
client certificates which are used to access squid, which in turn forwards
traffic to exchange server.
In squid.conf file there
I download latest version
Compiling
./config shared enable-rfc3779
make depend
make
make install
And in the destination folder absent libgost.so
Why?
How can i compile GOST engine?
Hi All,
Here is something I am not able to figure out, even after checking the FAQ and
the rand(3) man page:
When using the openssl command line utility, is a private RANDFILE per CA
required for security reasons, or is it just fine to use a single RANDFILE for
everything (i.e. the default
Dave, as always, thanks.
Unlike most(?) other modules in openssl, txt_db does NOT use the ERR_
module with its error strings
I love OpenSSL and I'm not going to tell you how to run your organization
but better documentation would probably mean both wider acceptance and fewer
dumb questions from
On 10/2/2012 2:04 PM, Stefan H. Holek wrote:
Hi All,
Here is something I am not able to figure out, even after checking the FAQ and
the rand(3) man page:
When using the openssl command line utility, is a private RANDFILE per CA
required for security reasons, or is it just fine to use a
Hello list,
is there a way to use ENGINEs in a non-blocking way - meaning for a network
operation (remote HSM) the thread can do something else instead of waiting for
the IO operation to complete?
Thanks
Jens
__
OpenSSL Project
Hi,
If I try to create Diffie-Hellman key parameter (OpenSSL 1.0.0) via
openssl dhparam -out $KEY_DIR/dh1024.pem 1024
I get the following output:
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
.+. [...]
unable to write
On 10/2/2012 3:12 PM, int0...@safe-mail.net wrote:
Hi,
If I try to create Diffie-Hellman key parameter (OpenSSL 1.0.0) via
openssl dhparam -out $KEY_DIR/dh1024.pem 1024
I get the following output:
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long
I deleted index.txt and reset serial.txt to 00 and that solved the problem.
Hope that was not a terrible idea.
I understand that I have lost the ability to revoke any previous
certificates.
I won't edit index.txt again.
Charles
-Original Message-
From: Charles Mills
From: owner-openssl-us...@openssl.org On Behalf Of Bogdan Harjoc
Sent: Thursday, 27 September, 2012 11:19
On Thu, Sep 27, 2012 at 1:43 AM, Dave Thompson dthomp...@prinpay.com
wrote:
What version of openssl, and was it built with any options? snip
I tried with 1.0.0d and 1.0.1c. I was
Thanks for the response!
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Tuesday, October 02, 2012 3:39 AM
To: openssl-users@openssl.org
Subject: Re: s_client signature_algorithm extension
On Mon,
From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
Sent: Tuesday, 02 October, 2012 17:06
I deleted index.txt and reset serial.txt to 00 and that
solved the problem.
Hope that was not a terrible idea.
If this was play data as said it shouldn't hurt, but I'm
not sure it's a
Any plans for Keccak / SHA-3?
http://www.nist.gov/itl/csd/sha-100212.cfm
Cheers,
Paul
_
Paul A. Suhler, PhD | Firmware Engineer | Quantum Corporation | Office:
949.856.7748 |
Oops. Forgot the
;-)
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Paul Suhler
Sent: Tuesday, October 02, 2012 8:38 PM
To: openssl-users@openssl.org
Subject: SHA-3?
* PGP Bad Signature, Signed: 10/2/2012 at 8:38:22 PM
Any plans for
17 matches
Mail list logo