[openssl-users] Verifying a timestamp signed using a cert issued by a sub CA (intermediate)

Hi! I'm trying to verify a timestamp that was signed using a signer certificate that has been issued by an intermediate CA. I'm only able to verify when specifying the intermediate CA certificate as "-untrusted" and the root CA cert as "-CAfile": openssl ts -verify -in /tmp/out10.tsp -queryfile

Re: [openssl-users] Same library usage for DTLS on SCTP and UDP

Thank-you Matt. We will upgrade and test On 13-Nov-2017 5:36 PM, "Matt Caswell" wrote: > > > On 13/11/17 11:42, Grace Priscilla Jero wrote: > > It is 1.1.0f version. > > Ah! This is probably this bug: > > https://github.com/openssl/openssl/issues/3723 > > Which was fixed in

Re: [openssl-users] How to compile for ARM-Cortex M4?

Help please... experts ?!! On Fri, Nov 10, 2017 at 12:52 PM, Ajay Garg wrote: > Hi All. > > I am using bleeding-edge openssl code, and wish to compile it for > https://www.digikey.com/product-detail/en/microchip- > technology/ATSAM4E8CA-AUR/ATSAM4E8CA-AURCT-ND/4140758 >

[openssl-users] Fwd: Build OpenSSL for Intel Xeon Phi

Hi, please, post my question. -- С уважением, Александр Дорошенко Тел.: моб. +7(951)3326360 --- Begin Message --- Hi, I try build OpenSSl for Intel Xeon Phi coprocessor. So far as I understand this problem reduced to building

[openssl-users] Building OpenSSL for Intel Xeon Phi

Hi, I try build OpenSSl for Intel Xeon Phi coprocessor. So far as I understand this problem reduced to building OpenSSL for "linux-generic64" as target. ( https://software.intel.com/sites/default/files/article/373907/intel-r-xeon-phi-tm-cluster-configuration_1.pdf

Re: [openssl-users] Automatically populating X509_STORE object cache from directory

On 13/11/2017 14:53, Steven Logan via openssl-users wrote: Hi, We have an embedded device which will be loaded with a public key for validating data signatures. We identify this key by means of its SHA-1 fingerprint; to do this we have implemented a custom X509_LOOKUP_METHOD. The lookup,

[openssl-users] Automatically populating X509_STORE object cache from directory

Hi, We have an embedded device which will be loaded with a public key for validating data signatures. We identify this key by means of its SHA-1 fingerprint; to do this we have implemented a custom X509_LOOKUP_METHOD. The lookup, performed via X509_LOOKUP_by_fingerprint works great, that is

Re: [openssl-users] Same library usage for DTLS on SCTP and UDP

On 13/11/17 11:42, Grace Priscilla Jero wrote: > It is 1.1.0f version. Ah! This is probably this bug: https://github.com/openssl/openssl/issues/3723 Which was fixed in 1.1.0 here: https://github.com/openssl/openssl/commit/21815512063d00325fd8e25f3f39ced047cb968b That fix was made available

Re: [openssl-users] Same library usage for DTLS on SCTP and UDP

It is 1.1.0f version. Thanks, Grace On 13-Nov-2017 4:02 PM, "Matt Caswell" wrote: On 13/11/17 06:48, Grace Priscilla Jero wrote: > Hi, > > We are using openssl library for UDP and SCTP connections. The library > is compiled with "sctp" option. But when it is used for DTLS

Re: [openssl-users] Same library usage for DTLS on SCTP and UDP

On 13/11/17 06:48, Grace Priscilla Jero wrote: > Hi, > > We are using openssl library for UDP and SCTP connections. The library > is compiled with "sctp" option. But when it is used for DTLS on UDP the > connection hangs at SSL_accept. > > When we remove the sctp option in compilation, the