Hi all,
First time posting here so please be gentle ;-)
TL;DR: After a failed handshake, caused by our peer's certificate failing
verification, what is the correct way to get hold of the peer's certificate?
A little more detail:
I'd like my server applications to be able to log some details
> On Jan 15, 2019, at 10:29 AM, Eliot Lear wrote:
>
> I have an application that requires long-lived signatures, perhaps long
> past the point where the signer's cert has expired. I'd like a way to
> extract the signature date from a CMS structure. With all the opaque
> structs that have been
Temporary solutions that "work" tend to become permanent solutions.
That's how products end up shipping with hard-coded admin passwords or similar
back doors.
Charles
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Hubert Kario
Sent:
On Wednesday, 16 January 2019 13:22:53 CET Eliot Lear wrote:
> Hi Hubert
>
> On 16.01.19 12:27, Hubert Kario wrote:
> > For maintaining signatures that need to be valid long into the future
> > standards like CAdES should be used. They keep time of signing in
> > timestamps signed by trusted
Hi Hubert
On 16.01.19 12:27, Hubert Kario wrote:
> For maintaining signatures that need to be valid long into the future
> standards like CAdES should be used. They keep time of signing in timestamps
> signed by trusted time-stamping authorities, along with the rest of
> revocation
> data
On Tuesday, 15 January 2019 22:38:32 CET Eliot Lear wrote:
> Hi Rich and thanks for your response. Please see below.
>
> On 15.01.19 21:12, Salz, Rich via openssl-users wrote:
> >> like a way to extract the signature date from a CMS structure. With all
> >> the opaque structs that have been
