Which version to upgrade to?

2021-12-20 Thread LN via openssl-users
Hello, I'm currently using a pre-release version of openssl 1.1.1 and want to upgrade to a release version. With the release of openssl 3.0 (and now 3.0.1) while 1.1.1 is still ongoing development, do you recommed using one version over the other? Is there an advantage to use one or the other

Re: OpenSSL and DH parameters

2013-10-25 Thread LN
Hi, I mean in a typical usage of OpenSSL is it mandatory to call SSL_CTX_set_tmp_dh() if I call SSL_CTX_use_certificate() and  SSL_CTX_use_PrivateKey(). I know that for RSA keys, for example, the session key exchange is done using the public keys of the client and server. If my understanding is

Re: OpenSSL and DH parameters

2013-10-25 Thread LN
for an RSA encrypted client-server session does not involve using the RSA public keys, then when is RSA used in that session ? On Friday, October 25, 2013 4:49 PM, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Fri, Oct 25, 2013 at 06:35:08AM -0700, LN wrote: I mean in a typical usage

using openssl API in commercial apps

2013-06-10 Thread LN
Hi, Is it allowed to use the OpenSSL API in commercial applications ? What license governs the OpenSSL library ? Thanks!

Re: Windows certificate store support

2013-02-05 Thread LN
Hi, For access to the windows store, openssl provides the CAPI engine. I've looked into this recently, because I needed the same support for loading server side certificates with CAPI engine, but unfortunately, I learned that there is no support for this in an official release of openssl (I

Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

2012-12-08 Thread LN
). From: Jeffrey Walton noloa...@gmail.com To: openssl-users@openssl.org Sent: Friday, December 7, 2012 4:52 PM Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine On Fri, Dec 7, 2012 at 5:05 AM, LN lnicu...@yahoo.com wrote: ... MS CAPI has an option to mark

Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

2012-12-07 Thread LN
(through boost::asio::ssl) :) From: Jakob Bohm jb-open...@wisemo.com To: openssl-users@openssl.org Sent: Thursday, December 6, 2012 12:23 PM Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine On 12/6/2012 9:13 AM, LN wrote

Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

2012-12-06 Thread LN
Hi, Somehow related to private keys but about loading them with CAPI engine... Does someone know if the ENGINE_load_private_key() for CAPI engine returns the PUBLIC KEY ? I have a feeling it does so because I tried to save that  returned EVP_PKEY to a PEM file with PEM_write_bio_PrivateKey and

loading and saving the private key to PEM file using CAPI engine

2012-12-03 Thread LN
Hi, I'm using the OpenSSL CAPI engine and ENGINE_load_private_key to load the private key for a certificate in the windows certificate store. After loading the private key, I try to save it to a PEM file with PEM_write_bio_PrivateKey (or PEM_write_bio_RSAPrivateKey). The problem is that when I