Hi *,
After a d2i_SSL_SESSION() session has been successfully
resumed SSL_get_peer_certificate() returns NULL.
Am I doing something wrong or is that the expected result?
Thanks in advance.
--
Arno Garrels
__
OpenSSL Project
Arno Garrels wrote:
Hi *,
After a d2i_SSL_SESSION() session has been successfully
resumed SSL_get_peer_certificate() returns NULL.
Am I doing something wrong or is that the expected result?
Sorry, wrong test case, it actually works.
--
Arno Garrels
);
SSL_set_session(FSsl, CachedSession);
SSL_set_bio(FSsl, FIBio, FIBio);
SSL_set_info_callback(FSsl, InfoCb);
BIO_ctrl(FSslBio, BIO_C_SET_SSL, BIO_NOCLOSE, FSsl);
If (BIO_read(FSslbio, @Dummy, 0) 0) and (not BIO_should_retry(FSslbio)) then
// Error here //
--
Arno Garrels
.
--
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Hi,
How to decrypt an encrypted private key from a X509_PKEY
structure? Is there some API for this purpose or some
example I should look at?
Thanks,
--
Arno Garrels
__
OpenSSL Project http
Steffen DETTMER wrote:
* Arno Garrels wrote on Sun, Oct 11, 2009 at 16:10 +0200:
Why are issuers looked up by subject at all?
Because that's what the standards (X.509, RFC3280 et al) require.
Ah ok, but shouldn't name duplicates be taken into account when
issuers are looked up, even
Dr. Stephen Henson wrote:
On Sat, Oct 10, 2009, Arno Garrels wrote:
Hi,
VeriSign issued some different CA certificates with the same
subject (see below). One of such a pair will always fail with
error X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT.
However these certificates are part
%3B931125
My Windows application must support them as well, how to work
around this issue?
Why are issuers looked up by subject at all?
--
Arno Garrels
-BEGIN CERTIFICATE-
MIIDAjCCAmsCEDnKVIn+UCIy/jLZ2/sbhBkwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
X509_V_ERR_CERT_REVOKED.
It doesn't make a difference whether I use X509_load_crl_file() or
X509_STORE_add_crl().
What am I doing wrong?
--
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User
, X509ToCheck, UntrustedChain);
X509_STORE_CTX_set_ex_data(StoreCtx, 0, Self)
X509_STORE_CTX_set_verify_cb(StoreCtx, StoreVerifyCallback);
X509_STORE_CTX_trusted_stack(StoreCtx, TrustedChain);
X509_STORE_CTX_set_purpose(StoreCtx, Purpose);
X509_verify_cert(StoreCtx);
--
Arno Garrels
Arno Garrels wrote:
However it fails as described in my
previous mail when I try to verify a cert on demand against some
custom store.
Got it working now, don't ask me what was wrong in my code, guess it
was just my bad testing.
--
Arno Garrels
X509_V_ERR_CERT_REVOKED.
It doesn't make a difference whether I use X509_load_crl_file() or
X509_STORE_add_crl().
What am I doing wrong?
--
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support
Baig, Attaullah wrote:
Please help am I missing something
You are most likely not using the correct header files.
Some constants changed.
--
Arno Garrels
Baig
__
OpenSSL Project http
Hi,
Why does it always return 1 even after a previous
call to RAND_cleanup() in Windows?
Thanks,
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Hello,
How to force negotiation of AES256-SHA without disabling the
AES128-SHA at the server-side when a client sends AES128-SHA
as its first preference and AES256-SHA as second?
Thanks,
Arno Garrels
__
OpenSSL Project
Lutz Jaenicke wrote:
Please have a look into SSL_OP_CIPHER_SERVER_PREFERENCE available
via SSL_CTX_set_options().
Thank you very much!
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User
looking, blue security alert.
If somebody has created an Authenticode certificate with OpenSSL
or makecert that's being accepted by Vista UAP please let me/us
know.
Thanks,
Arno Garrels
__
OpenSSL Project
from Windows certificate stores.
CertOpenStore(), CertEnumCertificatesInStore()
Then this line (Delphi):
X509 := d2i_X509(nil, @pCertContext.pbCertEncoded,
pCertContext.cbCertEncoded);
Arno Garrels
__
OpenSSL Project
or may be just the fact that a cert has
to be issued by VeriSign, who knows?
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
Perry L. Jones wrote:
How do I dup a private key there is an X509_dup but I don't see a
EVP_PKEY_dup ?
Good question, I missed that feature as well.
Thanks,
Perry
__
OpenSSL Project
Arno Garrels wrote:
BIO_write() returns -1 and BIO_should_retry() = 0.
Error is error code; 336416834 in .\ssl\s3_lib.c line 1607.
Finally I got it running, with the expense of a stupid call to
ERR_clear_error before each BIO I/O operation, slows down performance
remarkable
- Original Message -
From: Arno Garrels [EMAIL PROTECTED]
To: Eduardo Pérez Ureta [EMAIL PROTECTED]
Sent: Monday, December 05, 2005 12:55 PM
Subject: Re: BIO_write fails after upd 0.9.7i = 0.9.8a
Eduardo Pérez Ureta wrote:
On 2005-12-04 13:12:29 +0100, Arno Garrels wrote:
I'm using
and one on the sslbio. Also any further requests
are answered w/o any error.
Any hint is welcome, thanks.
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
at functions SSL_CTX_set_session_id_context() and
SSL_set_session_id_context().
Arno Garrels
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
SSL_set_session() followed by
SSL_SESSION_Free().
Sometimes I get an AV on the call to SSL_SESSION_Free().
Any idea why?
BTW: I've no problem when I use i2d_SSL_SESSION/d2i_SSL_SESSION.
Arno Garrels
Win, openssl v0.9.7g, Delphi.
exception message : AV at Addr 0121B029 in Modul 'LIBEAY32.dll
25 matches
Mail list logo