Hi Fatima,
Put the openssl's option on a command line, e.g to generate
Keys: openssl genrsa -out /PATH/TO/KEY/mykey.pem 1024, then Enter
A+
morchid fatima wrote:
hello,
i'm building a CA which should generate Keys and certificates with using
OpenSSL.
But the commands are interactives ,
Hi,
One is just software the other could be use with Hardware Security Module
(HSM)
crypto-module like nCipher to generate Key, Sign certificates, etc.
A+
Juan Carlos Hernandez Gonzalez wrote:
List
. What difference exist in openssl and openssl-engine
#
Averroes
But soon, the two versions the of openssl will be mixed in v0.9.7.
Juan Carlos Hernandez Gonzalez wrote:
List
. What difference exist in openssl and openssl-engine
__
OpenSSL Project
Hi All,
A simple tutorial to manage CRLs into Netscape 7.x
URL: http://www.medracen.net/pki.php?url=tutorials
Comments suggestions are welcome.
#---
Averroes
__
OpenSSL Project http
Yes
±è¹üÁø wrote:
Hello. I¡¯m currently using openssl 0.9.4 (executable) and trying to send a
OCSP request to a server, but there seem to be lacking ocsp command in the
standard command list. It is because of the version?
see version 0.9.7beta or the last dev snapshot.
#-
Averroes
Hi Daniel,
OK the signed message is in pkcs7, then it is sufficient
to read this pkcs7 in PEM format and print out the signing certificate.
with openssl smime you may choose the output format SMIME, PEM and DER
Voila!
Daniel H. Gomes wrote:
Hi Averroes,
I did that and it worked fine, I
Hi Daniel,
Try this and change according your settings
# verify the signature
[averroes@dev PWC]$ openssl smime -pk7out \
-in ../trash/messages-22-11-2001.sig | openssl pkcs7 -print_certs -noout
Regards
#
Averroes
Daniel H. Gomes wrote:
Hi,
I've signed an S/MIME message and after
Hi Andrea,
Try this and ajust according to your configuration
# verify the signature
[averroes@dev PWC]$ openssl smime -pk7out \
-in ../trash/messages-22-11-2001.sig | openssl pkcs7 -print_certs -noout
Regards
#--
Averroes
Andrea Nagar wrote:
I need to verify a signature present
http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
#-
Averroes
__
OpenSSL Project
Hi Stefan
Use openssl smime -sign ...
Regards
Stefan Thom wrote:
Hi there,
has anybody an idea how to sign a binary Document, like a word Document,
that if it is downloaded from a Web Server the signature is validated.
Like with signed jar archives they are validated before they are
...
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
#--
Averroes
Hi All,
Perhaps someone has the answer?
I want to sign a file (provided by a requester) with some information
like : hash+timestamp, then, transforms this signed file in PKCS7 structure
for sending back to the requester.
Any help will be appreciated.
Regards
#---
Averroes
at the top of the chain.
Regards
#-
Averroes
Lily Lu wrote:
Hi,
I want to create certificate chain. Which openssl command support
certificate chain. Is there any document that I can read?
Thank,
Lily Lu
__
OpenSSL
question but what the story in just one
sentence please.
thanks a lot...
fatih.
-Original Message-
From: Averroes [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 22, 2002 4:20 PM
To: [EMAIL PROTECTED]
Subject: Re: v3 certificates
Hi,
You have to use extension section of openssl
Thanks Richard and Peter
Averroes wrote:
Hi All,
Does anyone know what value should be use
in an ExtendedKeyUsage extension for OCSP Responder Certificate.
I use only those:
extendedKeyUsage=serverAuth
but the rfc2560, Chap. 4.2.2.2 Authorized Responders says:
OCSP signing
Response verify OK
0x6EA9AB1BAA0EFB9E19094440C317E21B: good
This Update: Apr 22 17:56:05 2002 GMT
Next Update: Apr 23 17:56:05 2002 GMT
#---
#-
Averroes
__
OpenSSL
Response verify OK
0x6EA9AB1BAA0EFB9E19094440C317E21B: good
This Update: Apr 22 17:56:05 2002 GMT
Next Update: Apr 23 17:56:05 2002 GMT
#---
#-
Averroes
__
OpenSSL
it listen on
port and wait for requests. Does openssl OCSP Responder mature
to support attack throughout the wild network?
Regards
#--
Averroes
__
OpenSSL Project http://www.openssl.org
User
is how to write this SN's value when
I sign the CSR?
Regards
#-
Averroes
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List
Hi all,
Want to set up oscp service in my website:
Does oscp implementation in openssl act as a service daemon or
it is just a utility tool?
Could be very cool if someone has examples of configuration!
Regards
#--
Averroes
Hi,
Does anyone know if it is possible to
generate wireless certificate with openssl?
Or if it will be available in a near future?
Regards
#-
Averroes
__
OpenSSL Project http
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
__
OpenSSL Project
Communication Systems LTD
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
smime.p7s
Description: S/MIME
Hi list,
Just a simple question,
How to upload CRL files into Netscape Communicator?
It seems that mime/Type is important, but no so clear for me!
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63
to write here cRLNumber?
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
]
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
smime.p7s
Description: S/MIME Cryptographic Signature
Hi list,
Are ReasonCode CRLReason CRL EXTensions implemented
in openssl-0.9.6b?
idem with:
cRLNumber, deltaCRLIndicator,
If someone have a patch for that, it would be
kindy to share it.
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
]
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
smime.p7s
Description: S/MIME Cryptographic Signature
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
smime.p7s
Description: S/MIME Cryptographic Signature
of the chain
pkcs7 format. So I reversed the chain, putting the Root CA at the begining.
But idem. ;-(
Did anyone try and manage to install certificate chain in Opera Browser,
and if yes, How did you do it?
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
/
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux
in the trusted path. I donno how to do so. what
utility i need to use for this conversion.
Thanks in advance.
srinu
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e
.
Name: CA.pdf
CA.pdfType: Acrobat (application/pdf)
Encoding: base64
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 63:B0:7D:A1:23:BC:25:96:AE:B7:76:36:F3:07:1F:88
to produce
this chain?
Any ideas or comments will be very appreciated!
Thank you
PS. Many thanks for your last comments!
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94
the PKCS#12 file doing,
including the password, that and I'll see if I can trace what the
problem is.
Steve.
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
regards,
Sebastian
Best Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
and immediately after signing:
Fri Sep 14 10:58:32 BST 2001
Any ideas?
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
Ooops...
Sorry, Sorry!!!
zhu qun-ying wrote:
Averroes wrote:
Hi all,
Perhaps someone noticed this:
When I create a certificate there is difference
between system (OS) time and creation time of certificate.
Approximately one hour.
certificate info:
Validity
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
suggestions or comments would be appreciated
Thanks
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
if they are encrypted or not?
Regards
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
[EMAIL PROTECTED]
--
# .- ...- . .-. .-. --- . ... .- .-.-.- .- -.-- ... .-
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# e-fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
# http://www.keyserver.net/en
PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
#--
# Averroes A. Ayshahttp://www.keyserver.net/en/
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# [EMAIL
]
--
#--
# Averroes A. Ayshahttp://www.keyserver.net/en/
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# [EMAIL PROTECTED]
# Fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
Hi Michael,
It was my fault, Netscape security tools configuration mistake.
Thank for your suggestions
Ciao!
Michael Ströder wrote:
Averroes wrote:
But as the time when I wanted to sign my email I got an error message
telling me : this operation cannot be performed because a required
!
--
#--
# Averroes A. Ayshahttp://www.keyserver.net/en/
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# [EMAIL PROTECTED]
# Fingerprint = 73B7 2559 2968 5094 3B95 5C70 4E85 5F94 6068 1DD8
!
#--
# Averroes A. Aysha
# Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# [EMAIL PROTECTED]
#--
__
OpenSSL Project http
!
#-
# Averroes A. Aysha Think Linux, Think Slackware!
# Network Security Auditor (NSA)
# [EMAIL PROTECTED
50 matches
Mail list logo
