Re: Set public key in a CSR

2014-01-24 Thread wizzbert
That solved the issue. Thank you!

Re: Appending to encrypted data.

2014-01-24 Thread Sean Langley
Hi Jakob, Thanks, this is exactly the help I was looking for. Cheers! Sean On Thu, Jan 23, 2014 at 2:05 PM, Jakob Bohm jb-open...@wisemo.com wrote: On 1/23/2014 4:55 PM, Sean Langley wrote: Hi All, I have been using AES 256, CTR mode to encrypt the contents of a file on disk. The IV

Re: DH_generate_key() segmentation fault

2014-01-24 Thread khan wahid
These built-in functions do not return the size of the binary data, so how can I get the length of the binary data? I need the length in some other parts of my program. Do I need to convert them to Hex every time to get the length? Or is there any direct method to get the length? I want to use

RE: DH_generate_key() segmentation fault

2014-01-24 Thread Salz, Rich
> These built-in functions do not return the size of the binary data, so how can I get the length of the binary data?
BN_num_bytes() which you already used in your initial posting?
-- Principal Security Engineer Akamai Technology Cambridge, MA

Server CSR missing DNS SANs

2014-01-24 Thread Jeffrey Walton
I'm having a heck of a time getting the SAN into a server's CSR. I believe the relevant sections are: [ req ] req_extensions= server_req_extensions [ server_req_extensions ] subjectKeyIdentifier= hash basicConstraints = CA:FALSE keyUsage = nonRepudiation,

Re: Server CSR missing DNS SANs

2014-01-24 Thread Dr. Stephen Henson
On Fri, Jan 24, 2014, Jeffrey Walton wrote: I'm having a heck of a time getting the SAN into a server's CSR. I believe the relevant sections are: [ req ] req_extensions= server_req_extensions [ server_req_extensions ] subjectKeyIdentifier= hash basicConstraints

Re: Server CSR missing DNS SANs

2014-01-24 Thread Jeffrey Walton
On Fri, Jan 24, 2014 at 12:02 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Jan 24, 2014, Jeffrey Walton wrote: I'm having a heck of a time getting the SAN into a server's CSR. ... Any ideas what I'm doing wrong? Hmm... it isn't adding any extensions at all. What version of

Server Certificate Missing SAN

2014-01-24 Thread Jeffrey Walton
I don't see a dumb mistake with this one First, the CSR has multiple SANs: $ openssl req -text -noout -verify -in servercert.csr verify OK Certificate Request: Data: Version: 0 (0x0) Subject: C=XX, ST=XX, L=XX, CN=Test Server/emailAddress=t...@example.com Subject

Re: Server Certificate Missing SAN

2014-01-24 Thread Jakob Bohm
On 1/24/2014 6:54 PM, Jeffrey Walton wrote: I don't see a dumb mistake with this one First, the CSR has multiple SANs: $ openssl req -text -noout -verify -in servercert.csr verify OK Certificate Request: Data: Version: 0 (0x0) Subject: C=XX, ST=XX, L=XX, CN=Test

Re: Server Certificate Missing SAN

2014-01-24 Thread Jeffrey Walton
On Fri, Jan 24, 2014 at 1:18 PM, Jakob Bohm jb-open...@wisemo.com wrote: On 1/24/2014 6:54 PM, Jeffrey Walton wrote: I don't see a dumb mistake with this one ... [ signing_req ] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer basicConstraints = CA:FALSE keyUsage =

Re: DH_generate_key() segmentation fault

2014-01-24 Thread khan wahid
Oh! what a miss!! Signs of excessive pressure!!! When I divide the program in multiple files, I create one of the functions like this- char *dh_sender_pub(DH *dhPar) { char *pubinHex=NULL; DH_generate_key(dhPar); pubinHex=BN_bn2hex(dhPar->pub_key); return pubinHex; } And I was

RE: RSA_public_decrypt(), and RSA_private_encrypt()

2014-01-24 Thread Dave Thompson
From: Matt Caswell [mailto:fr...@baggins.org] Sent: Wednesday, January 22, 2014 18:01 Second pass with some minor improvements: On 22 January 2014 22:40, Dave Thompson dthomp...@prinpay.com wrote: The general public-key sign and verify processes are: S1. compute hash of data (or for

Add certificate callback in Change Log

2014-01-24 Thread Jeffrey Walton
What is the name of the function to set the callback described below? *) Add certificate callback. If set this is called whenever a certificate is required by client or server. An application can decide which certificate chain to present based on arbitrary criteria: for example

Re: Add certificate callback in Change Log

2014-01-24 Thread Piotr Sikora
Hey Jeffrey, What is the name of the function to set the callback described below? *) Add certificate callback. If set this is called whenever a certificate is required by client or server. An application can decide which certificate chain to present based on arbitrary criteria:

Re: Add certificate callback in Change Log

2014-01-24 Thread Dr. Stephen Henson
On Fri, Jan 24, 2014, Jeffrey Walton wrote: What is the name of the function to set the callback described below? *) Add certificate callback. If set this is called whenever a certificate is required by client or server. An application can decide which certificate chain to

Selecting TLSv1.2 only protocol

2014-01-24 Thread Devchandra L Meetei
Hi All, What is the best way to support TLS1.2 protocol alone in an application? Currently it is done by creating protocol sslProtocolMethod = TLSv1_2_method(); ctx = SSL_CTX_new(sslProtocolMethod) ; options = SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2; #ifndef OPENSSL_NO_SSL3

Re: Selecting TLSv1.2 only protocol

2014-01-24 Thread Viktor Dukhovni
On Sat, Jan 25, 2014 at 10:29:58AM +0530, Devchandra L Meetei wrote: What is the best way to support TLS1.2 protocol alone in an application Do you really mean only TLSv1.2, or do you in fact want >= TLSv1.2, so that when TLSV1.3 comes out the same code will also work with TLSv1.3? currently