On Thu, Mar 09, 2006 at 05:33:42AM -0600, uno wand wrote:
I have a java application that uses HmacSHA to generate encryption key from
a
password, and the encrypted msg is send to the C application. Both Java and
C apps shared the same password and salt, and the Java app is using
AES/128/CBC
On Thu, Mar 09, 2006 at 09:13:05AM -0500, Doug Frippon wrote:
I most admit that I haven`t tried that search exactly but I ve got
this error with ISAKMPD adn try with that instead of openssl.
Thx
But I'd like to know what should I do with all the certs that I have
to create. Which should go on
On Thu, Mar 09, 2006 at 10:46:51AM -0500, Doug Frippon wrote:
I'm not sure that I should post it on a OpenBSD mailling list because
my ISAKMPD is working well with pre-shared key. The only bog come from
the certificate. I know that I should create a CA certificate, a
certificate for the OBSD
On Wed, Mar 08, 2006 at 01:20:15PM +, Stuart Halliday wrote:
When you create the user .P12 files, then include the CA certificate
into it, i.e.
use a certfile that contains the user cert and the self signed CA
certificate.
The p12 file contain thus the private key of a user, the
On Wed, Mar 08, 2006 at 03:10:23PM -0500, Doug Frippon wrote:
Hi, I am trying to generate certificate that i,ll be using for a ipsec
segment between a OBSD 3.8 and a Windows worstation. I'm using ISAKMPD
for this on the OBSD side and the security filter on Windows. If I use
a pre-shared key
On Fri, Mar 03, 2006 at 08:12:41AM +, Mike McEwen wrote:
I want my application to trust certificates sign by the major CAs out
there. Does anyone know of a way to hook up to the place where
Windows stores its list of CAs? Or maybe just a place where I can
download the keys of the
On Fri, Mar 03, 2006 at 12:11:24PM -0500, Xie Grace Jingru-LJX001 wrote:
I generated the key and self-signed certificate by doing the following:
openssl genrsa -out privkey.pem 2048
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
I install the cert and key on my HTTPS
On Fri, Mar 03, 2006 at 02:02:46PM -0500, OpenSSLGRT wrote:
When calling RAND_pseudo_bytes is it correct that the PRNG will not
give the same result even though I have the same seed (I thought if I
had the same seed I could get the same results each time)?
From 'man RAND_seed'
On Thu, Mar 02, 2006 at 11:52:50AM +0100, Shulman Alexandre wrote:
I'm trying to write a script able to create a self-signed certificate
automaticaly. I'm using the command:
openssl req -new -key ${KEY} -x509 -out ${CERT}
Unfortunately, I have to enter the DN information manualy.
Using openssl as a CA, I'm wondering what the best way is to renew a
certificate without first revoking the previous one. Revoking the previous
one would leave a window of vulnerability where a machine may be trying to
use the old certificate, as it hasn't yet downloaded the new one, but other
On Wed, Mar 01, 2006 at 06:06:22PM +0530, Ambarish Mitra wrote:
The openssl command line tool works fine. However, I have to use this in a
C program. Therefore I was asking the API function name which can extract
these information from within the C code.
$ cd openssl-0.9.8a/apps
$ less x509.c
On Wed, Mar 01, 2006 at 12:01:52PM -0800, Carl Youngblood wrote:
Can somebody please explain to me how to compile openssl with sha-256
support? I have built the latest version from source but still can't
seem to find a way to get it working.
How *exactly* did you compile from source,
I'm trying to get a client to verify a server certificate signed by a sub-CA
when the client has only the root CA certificate.
I'm using TinyCA (GUI wrapper around OpenSSL) as the CA. Here's what I've
done:
1. Created a root CA (CN=root.ca.linnet.org)
2. Created a sub CA under this
On Mon, Feb 27, 2006 at 01:41:33PM +0100, Dr. Stephen Henson wrote:
Since you didn't include the root CA it isn't possible to say why it isn't
excluded.
I notice the small serial numbers in the certificates and some invalid
extensions in there. I'd suggest using the CA.pl script (if you use
On Mon, Feb 27, 2006 at 07:24:56AM -0800, John Doe wrote:
ld.so.1: /usr/local/ssl/bin/openssl: fatal: libssl.so.0.9.7: open
failed: No such file or directory
I don't understand 'cause openssl is correctly installed and my $PATH
and
$LD-LIBRARY_PATH seem to be correct.
On Mon, Feb 27, 2006 at 08:05:59PM +0100, Dr. Stephen Henson wrote:
On Mon, Feb 27, 2006, Brian Candler wrote:
On Mon, Feb 27, 2006 at 01:41:33PM +0100, Dr. Stephen Henson wrote:
Since you didn't include the root CA it isn't possible to say why it isn't
excluded.
I notice
On Mon, Feb 27, 2006 at 07:36:16PM +, Brian Candler wrote:
Ah. I had just used -cert ../server.example.com-cert.pem (where this file
contains all the certificates). So now I've added -CAfile as well, pointing
to the same file:
#!/bin/sh
cd content
openssl s_server -cert
17 matches
Mail list logo