The data for the timestamp is done on the signature, not the file. So the TS
command should reflect that.
As far as merging, I would take a look at the actual PDF format.
-Eduardo
-Original Message-
From: q0...@cuba.ionum.ch
Sent: Friday, September 02, 2011 6:42 AM
To:
...
the only thing displayed is 'permanently store this exception' (meaning, not a
name error, etc.)
Craig
On Aug 24, 2011, at 2:22 PM, Eduardo Navarro wrote:
You need to have your Root CA certificate (the one used to issue the
intermmediate CAs and the HTTP cert) to be added to the Trusted Root
You need to have your Root CA certificate (the one used to issue the
intermmediate CAs and the HTTP cert) to be added to the Trusted Root
Certificates store. Firefox manages this separately, same as Apple. Apple
needs to add the CA to the Keychain as a trusted root. Firefox, you need to
add it
Well, textbook explanation of SSL is not short, but once the connection is
established, each party will have a set keys composed of a MAC key (message
authentication code) and an encryption key. Within the SSL record, the payload
is encrypted, and the MAC is basically a hash of the MAC Key +
Serial Number/Randomness apart;
how many certificates would you expect to issue in a year?
How would you deploy the cert for trust among the different browsers?
You should ensure that your certificates for SSL usage specify the appropriate
EKU OID, in addition to path and issuance
Java has tools to create the key pairs and the CSR; you are not required to do
this with OpenSSL. I provided some links below that have some commands.
https://www.digicert.com/easy-csr/keytool.htm
http://nl.globalsign.com/en/support/ssl+certificates/java/java+based+webserver/keytool+commands/
: openssl-users@openssl.orgSubject: Re: Cert Renewal issue + CAcert.org
On Mon, May 16, 2011 at 9:08 PM, Eduardo Navarro
eduardo.nava...@live.comwrote:
4. import response into the keystore
Thanks Eduardo for your nice and very very effective email. But, I am having
problem
Hi,
I am trying to rebuild the SignSIS.exe for symbian signing, using the CHIL
engine from nCipher. I recompiled the patched version of the OpenSSL 0.9.8e,
which is the one that comes bundled with version 11.11 of the software. It
seems I can start loading the engine but it then fails init.
I think you can make your own CA, if you plan to only test this or want to
have people you know and that know you, setup your root as trusted.
If your purpose is just for using an SSL cert for a website you own, then
you are basically better off just buying one from Verisign, Thawte, whoever.