Hi All,
I want to issue my customers certificate signed by my certificate (a
self-signed certificate). I want to limit the issued certificate to not to act
as a CA. I generated the Root CA on command-line via openssl, and the customer
certs are generated dynamically by php script (that
Thanks Goetz, much appreciated!
Regards,
Usman. Date: Sat, 5 May 2007 13:59:04 +0200 From: [EMAIL PROTECTED] CC:
[EMAIL PROTECTED] Subject: Re: How to Limit the Cert chain to some sepcified
number... To: [EMAIL PROTECTED] Hello Usman, --On Mai 05, 2007 14:11:08
+0500 Usman Riaz [EMAIL
Looks like openssl is not in the path. I am not sure if there is acommand-line version like linux of openssl for Windows (I guess you are on Windows). Normally, I use cygwin if i need to use openssl manually on windows.
Regards,
Usman.
P:S. Btw, since your signature says you have access to php5.
Hi David,
Sorry to be rude, but your post just told me what I already know :), my lack of knowledgeat security, but didn't help me a bit :( (not sure if the postwas meant to behelpful). If you have spend the same amount of time writing *what* is wrong with my approch why this should be avoided
From:Goetz Babin-Ebell [EMAIL PROTECTED]Reply-To:openssl-users@openssl.orgTo:openssl-users@openssl.orgSubject:Re: EVP Envelope PKI Confusion...Date:Tue, 03 Apr 2007 21:13:22 +0200MIME-Version:1.0X-Sender:Goetz Babin-Ebell [EMAIL PROTECTED]Received:from mmx1.engelschall.com ([195.30.6.154])
id 3FqWMKgyK+Bs; Tue, 3 Apr 2007 16:29:53 +0200 (CEST)Received:from [192.168.0.98] (jean-claude.mxm [192.168.0.98])by gelas.mail.mxm (Postfix) with ESMTP id CD9E53C0AE;Tue, 3 Apr 2007 16:29:53 +0200 (CEST)Usman Riaz wrote : I want to use PKI to encrypt some data and send it to the customer
1.94.5]
X-List-Name: openssl-users
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 03 Apr 2007 15:52:23.0193 (UTC)
FILETIME=[11B04890:01C77608]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Usman,
Usman Riaz schrieb:
Thanks for the reply Jean-Claude, appreciated! Actually the whole
Hi All,
Iwant to use PKI to encrypt some dataand send itto the customer to be decrypted.With my limitied knowledgeabout PKI,the data can be encryptedusing "private key" and then lateron that encrypteddata could be decrypted with the "public key".Whiletrying to find a way to achive thesame, I've
Strange, you posted a question instead of just copying, pasting "BEGIN...END" doing a recompile rerun :D.
Hope this helps,
Regards,
Usman.
From:Kaushalye Kapuruge [EMAIL PROTECTED]Reply-To:openssl-users@openssl.orgTo:openssl-users@openssl.orgSubject:Re: Problem with EVP_Decode and line
Hi*!
I was going through the discussion of some stress testing on this newsgroup,I tooam interested to know if there is a way to stress test with just having2 computers to act as client:) and a single core-duo machine to run as a server. It's a ICOP/BIO_pair based SSL server that i want to test.
There is aexmple implemtation of usage ofbio_pairs in ssltest.c file includedwith the ssl distribution. This should give you a goodidea about how to use them properly.I too took that sameimplemetion from ssltest.cand wrapedit ina class for my IOCP serverwithout too much of a trouble.
Regards,
One way to distinguish between the two is to use openSSL's BIO_pairs. The
idea is to separate the SSL data en/decryption and the transport, so
whatever goes down (the transport or the ssl) you can easily diffrentiate,
and using BIO_pairs will let you use OpenSSL for the SSL part and then you
Hi All,
I am trying to use OpenSSL to encrypt/decrypt some data for that
I am using EVP_* API. I have a question about EVP_En/DecryptUpdate function.
The second param of these functions is a pointer to a buffer where the
En/Decrypted data will be copied by the function, but I wasn't
Hi!
One way is to use bio_pairs. There is an example of bio_pair usage in
'ssl_test.c' file in the OpenSSL package.
Hope this helps,
Regards,
Usman.
From: Rutger Hofman [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Is configuration without
Hello,
I'm trying to write an interface to OpenSSL using BIO pairs. For testing
purposes, I'm doing communication locally in two seperate threads (one
accessing a server context, the other a client context) so I figured I
should worry about thread safety. I read in the OpenSSL documentation
Hello again and thank you for your replies
I'll probably do it that way too. My threads are defined in another
language and I'm pretty sure there is no way for my C module to be aware of
which user thread it is currently running in... so I have nothing
relevant to call
Hello,
This probably is more of a TCP problem then it is of OpenSSL. You might
want to look at SO_KEEPALIVE option for the TCP socket.
Hope this helps,
Regards,
Usman.
Hello,
I want to be able to handle unclean closing of an SSL socket. I have a
client server applications and if the
On 11/30/05, Usman Riaz [EMAIL PROTECTED] wrote:
b. Secondly, I set the SSL version to 3 via SSLv3_method and wait for
client to connect. When the client connects (client is a FireFox
browser,
with SSLv2,3 TLSv1 enabled), on the server side when i try to read
from
the bio (after
From: Mark [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: RE: A Few General OpenSSL Questions...
Date: Thu, 1 Dec 2005 12:37:55 -
Hello Usman,
an error. Can someone tell what do i need to do to make
the server
connect
with SSL v3, or
Hi*!
I am implementing SSL support for my IOCP server using bio pairs. I
would like if someone can throw some light on the following ...
a. Do the bio pairs support full duplex data flow, like for example I get
some data from client thats less then a complete SSL record, I write that
Hi*!
I am implementing IOCP server (for Windows OS) supporting SSL. For SSL
part i am trying to use OpenSSL's bio pairs. I have looked at the example in
ssltest.c. As i understand (please correct me if i am wrong) of the three
bios (s_ssl_bio, server, server_io) that get created in
Thanks for the reply Alain, I have changed as you mentioned by placing a
call to do a read on s_ssl_bio (for reading/writing UNEncrypted Data). Here
is how that function looks like...
bool CSSLSession::GetData(std::string RecvData)
{
/*The RecvData WILL contain UN-ENCRYPTED-DATA
ALWAYS intialise your pointers :).
TestSSL()
{
ctx = NULL;
bio_err = NULL;
}
HTH,
Usman.
_
FREE pop-up blocking with the new MSN Toolbar - get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
That's an easy one ;)
How are you
_
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.com/
__
OpenSSL Project
Hi *!
I have an application (OS MS Windows) that needs to speak https even if
it is behind SOCKS4/5 proxy. I am using for OpenSSL for the SSL part my
code for using OpenSSL is taken from the file \demos\ssl\cli.c. My problem
is that when I connect via a SOCKS4/5 proxy (after doing the auth
25 matches
Mail list logo
