Hi

2021-06-29 Thread Jean Sweeny via openssl-users

client certificate error

2021-06-29 Thread Paulo Wollny
Dear @ll My environment: OpenSSL 1.1.1f 31 Mar 2020 Ubuntu 20.04 Server version: Apache/2.4.41 (Ubuntu) Server built: 2021-06-17T18:27:53 My problem: connecting to a secure server requiring client certificate, i get the following error when presenting my certificate:

Re: How did I break this signature library?

2021-06-29 Thread Sage Gerard
Hello, I recently resubscribed so I'm unsure if this post was emailed back out to members. If you saw it and the question was bad, please let me know what I can simplify or clarify. Thank you. On 6/27/21 11:44 PM, Sage Gerard wrote: > Hi all, > > Context:

Re: Compilation issues

2021-06-29 Thread david raingeard
Ok, here it is. It compiled mostly ok (some fixes for solaris 2.6, like inttypes.h instead of stdint). The test suite fails (dubious error). *Tls 1.2 works* just fine (*openssl s_client -connect google.com:443 -tls1_2 -trace*) but *Tls 1.3 fails* starting when the

Re: Compilation issues

2021-06-29 Thread Jan Just Keijser
On 29/06/21 11:58, david raingeard wrote: Hello, Technically, why prevents openssl 1.1.1g from compiling correctly on some operating systems like Solaris 2.6, CentOS 7.8,... ? you will have to provide more details - openssl 1.1.1g compiles just fine on CentOS 7 (7.9 in my case). Can't talk

Need help in removing secp521r1 from openssl-1.1.1g and adding TLS_GREASE_BA cipher.

2021-06-29 Thread vinod mg
Hi All, I am bit a newbie and need some assistance in couple of things - 1) Supress or a way to remove secp521r1 from the currenlty installed openssl. 2) Add the cipher - "0xbaba TLS_GREASE_BA GREASE" like we see in chrome. I am ok with custom install as well, if above cannot be done with

Re: SM2/3/4 algorithm based TLS connections

2021-06-29 Thread Kevin Lengauer
Dear Matt Thank you for the quick reply and confirmation. Regards Kevin > Am 29.06.2021 um 12:02 schrieb Matt Caswell : > >  > >> On 29/06/2021 10:29, Kevin Lengauer wrote: >> Dear openssl-team and users >> Is it possible with OpenSSL 1.1.1k to do a TLS handshake using key material >> and

Re: SM2/3/4 algorithm based TLS connections

2021-06-29 Thread Matt Caswell
On 29/06/2021 10:29, Kevin Lengauer wrote: Dear openssl-team and users Is it possible with OpenSSL 1.1.1k to do a TLS handshake using key material and certificate based on SM2/SM3/SM4 assuming I somehow got my hands on such keys/certificates? I think it is only possible with OpenSSL 3.0

Compilation issues

2021-06-29 Thread david raingeard
Hello, Technically, why prevents openssl 1.1.1g from compiling correctly on some operating systems like Solaris 2.6, CentOS 7.8,... ? thank you !

SM2/3/4 algorithm based TLS connections

2021-06-29 Thread Kevin Lengauer
Dear openssl-team and users Is it possible with OpenSSL 1.1.1k to do a TLS handshake using key material and certificate based on SM2/SM3/SM4 assuming I somehow got my hands on such keys/certificates? I think it is only possible with OpenSSL 3.0 to create them. After checking the web and the