On 18/03/2021 01:22, Robert Moskowitz wrote:
On 3/17/21 8:17 PM, Viktor Dukhovni wrote:
Well, CSRs are self-signed, and X25519 does not support signing, so
you CANNOT have an X25519 CSR.
Slap myself on the forehead
Of course I know that. But did not stop to think this through. :(
"Reality" ought not be defined this way.
On 29/01/2021 02:38, Jakob Bohm via openssl-users wrote:
If only one or a few parsers are broken, they need to be fixed.
If many broken parsers have proliferated due to generators
semi-violating DER by not omitting the empty field, that has become the
On 06/01/2021 20:57, Michael Wojcik wrote:
But you're asking the wrong question. The correct question is: Why are you
using an outdated version of OpenSSL?
--
Michael Wojcik
:whip-crack: !
If you are lucky .. enjoy your 4th
Most of us are not so lucky ..
On 03/07/2020 13:51, Salz, Rich via openssl-users wrote:
* topic: Change some words by accepting PR#12089
*
* 4 against, 3 for, no absensions
I am at a loss for words.
I can’t contribute to a project that feels this way. The OMC (list at [1], a
picture of some of them at
Hi Michael,
On 28/04/2020 15:21, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
tincanteksup
Sent: Tuesday, April 28, 2020 07:02
[tct@arch-hyv-live-64 pki]$ openssl ca -verbose -config safessl-easyrsa.cnf
-keyfile private/ca.key -cert
Greetings openssl users,
I'm a long time lurker..
I am trying to use 'openssl ca' command to verify the status of a
certificate
by serial number only. I can successfully complete this task, however, the
'openssl ca' command always returns an error on completion.
I must point out, in
I would normally refrain but ...
On 25/04/2020 23:24, Salz, Rich via openssl-users wrote:
Yes, nice, why not reduce compile time and save prescious compiler
memory by getting rid of all-inline one-liners.
And link-time collapsing the identical code. I think this is an issue on some
On 29/12/2018 22:08, C.Wehrmeyer wrote:
How am I supposed to get more adept when the documentation is a literal
mess?
Let me reverse that: What is the *point* of getting more adept with the
API when I feel more and more disgusted by learning how it's working
internally?
Welcome to The
After some RTFM, I found space_ec .. which confirms that this change was
intentional.
Thanks
On 29/05/18 16:27, tincanteksup wrote:
Hi,
Certificate included here is only for testing.
I use EasyRSA to build my PKI -- This all works well.
So, now I have a client cert but, depending on which
Hi,
Certificate included here is only for testing.
I use EasyRSA to build my PKI -- This all works well.
So, now I have a client cert but, depending on which version of openssl
I use, I get different output in the Issuer line from the same cert.
The difference is:
openssl 101f:
Issuer: C=00,
11 matches
Mail list logo