Re: openssl 1.0.1e Signature verification problems

2013-06-19 Thread anand rao
The output of command "openssl asn1parse -i -in cacert.pem"  is     0:d=0  hl=4 l= 872 cons: SEQUENCE     4:d=1  hl=4 l= 729 cons:  SEQUENCE     8:d=2  hl=2 l=   3 cons:   cont [ 0 ]    10:d=3  hl=2 l=   1 prim:    INTEGER           :02    13:d=2  hl=2 l=   9 prim:   INTEGER           :D46F3D4EDCA

Re: Creating certificates

2013-06-19 Thread Patrick Patterson
Hi Rodney, First of all, this isn't a CA certificate - the "Basic Constraints CA:FALSE" quite plainly points to this. This is a wildcard certificate for use by authorised representatives of "securesites.com" to be able to use for their own servers. Therefore, you will never be able to create a

Creating certificates

2013-06-19 Thread Rodney Simioni
Hi, There was an email earlier yesterday about LDAP/SSL/TLS but I'm going to revise my question. Please disregard the email because instead of creating certificates, I'm going to use certs provided by my linux admin to configure SSL/TLS with LDAP. My sysadmin gave me 3 wildcard openssl files;

Re: Validating a certificate which is expired

2013-06-19 Thread Michael Sierchio
On Wed, Jun 19, 2013 at 1:34 PM, Dave Thompson wrote: >>From: owner-openssl-us...@openssl.org On Behalf Of Bob Bell (rtbell) >>Sent: Wednesday, 19 June, 2013 15:01 > >>I have a situation where I need to determine the validity of a certificate >>in all other aspects even though it has expired. In o

RE: Validating a certificate which is expired

2013-06-19 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Bob Bell (rtbell) >Sent: Wednesday, 19 June, 2013 15:01 >I have a situation where I need to determine the validity of a certificate >in all other aspects even though it has expired. In other words, the >signatures are all valid and the contents

Validating a certificate which is expired

2013-06-19 Thread Bob Bell (rtbell)
Folks - I have a situation where I need to determine the validity of a certificate in all other aspects even though it has expired. In other words, the signatures are all valid and the contents untampered, but the "notAfter" date is less than current date. If I run the certificate verify proces

RE: cannot open certdb

2013-06-19 Thread Rodney Simioni
Comments inline. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Tuesday, June 18, 2013 10:29 PM To: openssl-users@openssl.org Subject: RE: cannot open certdb >From: owner-openssl-us...@openssl.org On Beha

Creating timestamps with PKCS#11

2013-06-19 Thread Mat Arge
Hy! Is it possible to create a timestamp response with "openssl ts" with a private key stored on a PKCS#11 token? cheers Mat __ OpenSSL Project http://www.openssl.org User Support Mailing List