Oh my, I figured it out after digging through the OpenSSL source code.
My CA certificate and the client certificate both had the same common
name, so they were clobbering each other.
Changing the name of the CA certificate solved the problem.
On Sun, 15 Nov 2020 at 14:10, Samuel Williams
wrote
Hello
I generate a CA (self signed), and then generate a certificate from
that CA, which should be used by a HTTP/2 client and server during
testing.
This code was working as recently as 12 months ago, but it seems like
something has stopped it from verifying correctly.
Here is how the CA is
So what is the valid way to do it? Invoke it with a 1 byte array? Maybe an
example should be added to the manual page?
On Thu, 6 Feb 2020 at 23:18, Marian Beermann wrote:
> > Is it valid to call:
> >
> > size_t size = SSL_get_finished(ssl, NULL, 0);
>
> No
>
> > Because SSL_get_finished invokes
Is it valid to call:
size_t size = SSL_get_finished(ssl, NULL, 0);
So we can determine the length?
Because SSL_get_finished invokes memcpy even if the size is 0, so is the
undefined behaviour?
Thanks.
Thanks everyone, your replies were most helpful.
On Sat, 2 Nov 2019 at 06:42, Jordan Brown
wrote:
> On 10/31/2019 7:35 AM, Viktor Dukhovni wrote:
>
> My advice would be to avoid specific support for any *particular* digest
> algorithm. Instead, provide bindings to:
>
> -
I am maintaining the OpenSSL bindings for Ruby, and I'm considering
exposing SHA3 and BLAKE digests.
In addition, for the first time, I wrote some tests to test ALL algorithms
we expose, and found that "DSS", "DSS1" and "SHA" no longer exist.
I'm going to assume this algorithm is removed because
Hello,
I am trying to understand what is the correct initialization process for
Ruby's SSL module. It's not my area so any input would be most welcome.
https://github.com/ruby/openssl/pull/267
Thanks,
Samuel
