Thanks Guys for the help, I got it working by loading the location using API
SSL_CTX_load_verify_locations(). The location where I have the certificate
available.
I have another question related to certification verification itself.
Can by any mean, I verify a peer certificate(self signed)
Hi
I also managed to get self-signed certs to work like this but does anyone
know how to use self-signed certs in a RAM-only environment i.e. no disk
available?
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Manoj
Sent:
El día Saturday, November 16, 2013 a las 08:36:33PM -0500, Dave Thompson
escribió:
I was thinking more in a solution where the client reads the first 8
bytes from the socket and checks if the beginning of the GoodMorning
message is there in clear text (like 220 SLNP) and if not
it should
Do not encrypt with a private key. Encrypt with the public key and
decrypt with the private key.
I would extract the key parts by converting the pem format to an RSA
structure, get the BIGNUMs from the structure, and convert BIGNUM to bin.
I don't guarantee that this is the best way, but it
owner-openssl-us...@openssl.org (Kenneth Goldman/Watson/IBM@IBMUS) wrote on
11/18/2013 10:03:29 AM:
Do not encrypt with a private key. Encrypt with the public key and
decrypt with the private key.
Encrypt with a private key for integrity purposes: this shows that the data
that was encrypted
I have been using VS2008, but I have seen the same errors. Some of the things
I have done to work around them include:
1. Using a version of wcecompat based upon
http://www.ohloh.net/p/mauriceks_wcecompat/
2. Pull a few select files from OpenSSL tips to the 1.0.1e branch that I am
working on.
Hi all,
I'm developing a custom Engine in order to have a SSL client dual
authentication connection.
When I try to connect, I got:
(...)
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read finished A
error:260C0065:engine routines:ENGINE_get_pkey_meth:unimplemented public key
From: owner-openssl-users On Behalf Of Mark Currie
Sent: Monday, November 18, 2013 03:24
I also managed to get self-signed certs to work like this but does anyone
know how to use self-signed certs in a RAM-only environment i.e. no disk
available?
Your OS or C runtime might provide a RAM
PEM files are not hex. They are base64, plus header and trailer lines.
You can read any supported PEM file with the functions in pem.h.
OpenSSL historically supports several different PEM formats for
privatekeys - man PEM -- but the PEM_read routines can handle
all of them automatically
Dave Thompson dthomp...@prinpay.com wrote on 11/18/2013 05:07:14 PM:
For RSA the private key is at least (d,n), and OpenSSL always generates
the “CRT” form which has half a dozen other elements to allow more
Oh, well if you are going to be *helpful* ...
So our question is how do we extract
Hi Steve,
I am also seeing AES along with GCM and RC4 in my search if I disable
CBC. So can it guarantee that still client and server can communicate. Also
if I use both end points as having same version of openssl than also there
can be any problem.
Regards,
Alok
On Tue, Nov 12, 2013 at
11 matches
Mail list logo