[SNIP]
>> However this looks like the key is encrypted with 3DES, but I "exported" it
>> from the Cert+Key with "-aes256" - so I'm puzzled why I'd have a 3DES
>> encrypted p12.
DT> You thought you did but you didn't.
DT> The doc is a bit subtle, but the -$cipher option is listed under "PARSING"
> From: owner-openssl-us...@openssl.org On Behalf Of Gregory Sloop
> Sent: Monday, September 15, 2014 22:50
> And, one more question:
> How can I tell what format/encryption my pkcs12 files are in?
> [I believe for Android platform use, I need p12 certs/keys - so I'm working
> on the export/con
> From: owner-openssl-us...@openssl.org On Behalf Of Gregory Sloop
> Sent: Monday, September 15, 2014 17:14
> I've gone back and re-encrypted the private keys [thanks Dave, again!]
> and this is the result from an asn1parse
> Is that the new format? [It looks like it, but I'm such a "babe in the
7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
localKeyID: 13 14 4F 31 89 4A E8 06 54 08 49 EA 5E 6D AE B6 39 F4 7F 01
Key Attributes:
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-BEGIN ENCRYPTED PRIVATE KEY-
...
-END ENCRYP
So, hopefully this will be the last post in the thread. [fat chance, eh!?]
I've gone back and re-encrypted the private keys [thanks Dave, again!] and this
is the result from an asn1parse
openssl asn1parse http://www.sloop.net
---
On Behalf Of Gregory Sloop
Sent: Tuesday, September 09, 2014 01:19
To: <mailto:openssl-users@openssl.org> openssl-users@openssl.org
Subject: Re: Certificate pass phrase brute force...
I used the asn1parse command [thanks Dave!] and while the key looks "old style"
it parses as f
can generate the key file first, with openssl genpkey, which does
>let you specify the encryption cipher; and then use -key to tell
>openssl to use your existing key rather than creating a new one.
>
>You can also do what you describe below, but not encrypt the private
>key the first
n't be a bad idea, but it's not
a high priority, so I wouldn't expect it to happen anytime soon unless someone
wants to submit a patch.
Michael Wojcik
Technology Specialist, Micro Focus
From: Kyle Hamilton [mailto:aerow...@gmail.com]
Sent: Tuesday, 09 September, 2014 13:43
o I wouldn't expect it to happen anytime soon unless someone
wants to submit a patch.
Michael Wojcik
Technology Specialist, Micro Focus
From: Kyle Hamilton [mailto:aerow...@gmail.com]
Sent: Tuesday, 09 September, 2014 13:43
To: openssl-users@openssl.org; Michael Wojcik
Subject: RE: Certifica
fore encrypting it with your preferred cipher.
>
>
>Michael Wojcik
>Technology Specialist, Micro Focus
>
>
>From: owner-openssl-us...@openssl.org
>[mailto:owner-openssl-us...@openssl.org] On Behalf Of Gregory Sloop
>Sent: Tuesday, 09 September, 2014 01:19
>To: openssl-users@ope
sl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Gregory Sloop
Sent: Tuesday, 09 September, 2014 01:19
To: openssl-users@openssl.org
Subject: Re: Certificate pass phrase brute force...
I used the asn1parse command [thanks Dave!] and while the key looks "old style"
it pa
I used the asn1parse command [thanks Dave!] and while the key looks "old style"
it parses as follows:
50:d=4 hl=2 l= 8 prim: OBJECT:des-ede3-cbc
Which appears to equate to: des-ede3-cbc Three key triple DES EDE in CBC
mode
The full asn parse is:
---
0:d=0 hl=4 l=2446 c
For the legacy formats (dashes-BEGIN PRIVATE RSA KEY or PRIVATE EC KEY)
just look on the DEK-Info: header line.
For PKCS#8 format (dashes-BEGIN ENCRYPTED PRIVATE KEY) do
openssl asn1parse and.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf O
Well, as I said, given my reading of the code, the newest version of EasyRSA
[line 861] shows the following:
local crypto="-des3"
It's in the set_pass function. [On further review of the code, this appears to
only be used by the "set-rsa-pass" or "set-ec-pass" functions, and I can't
determine w
I think it's safe to assume that 3DES is almost certainly a lousier choice
than AES or Camellia on multiple fronts.
Two key triple DES provides about 80-bits of security, and three key triple
DES provides 112-bits of security. Do you know which they are using?
AES-128 provides about 128-bits of se
can be
encrypted with a variety of algorithms and key lengths. From
https://www.openssl.org/docs/apps/rsa.html:
-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea
These options encrypt the private key with the specified cipher before
outputting it. A pass phrase is promp
ia256|-des|-des3|-idea
These options encrypt the private key with the specified cipher before
outputting it. A pass phrase is prompted for. If none of these options is
specified the key is written in plain text. This means that using the rsa
utility to read in an encrypted key with no encry
05/2014 3:33 PM (GMT-05:00)
>To: openssl-users@openssl.org
>Cc:
>Subject: Re: Certificate pass phrase brute force...
>
>That is easy. Just restrict the number of different passwords per day.
>Any account. Thus the old school brute force idea passes out the
>wind
have been.
These are client _keys_ [as Michael Wojcik correctly points out, they're
actually keys - sorry.] for OpenVPN to connect to the corporate network.
You have to have a client certificate+key [generated by OpenSSL] and the
pass-phrase given when the key was created. Pass-phrases are
an AT&T 4G LTE smartphone
Original message
From: Gregory Sloop <mailto:gr...@sloop.net>
Date:09/05/2014 1:36 PM (GMT-05:00)
To: openssl-users@openssl.org<mailto:openssl-users@openssl.org>
Cc:
Subject: Certificate pass phrase brute force...
General question:
I've done a
message
> From: dave paxton
> Date:09/05/2014 3:33 PM (GMT-05:00)
> To: openssl-users@openssl.org
> Cc:
> Subject: Re: Certificate pass phrase brute force...
>
> That is easy. Just restrict the number of different passwords per day.
> Any account. Thus the old
sponse, but deplore your rudeness
>
>
> Sent via the Samsung GALAXY S® 5, an AT&T 4G LTE smartphone
>
>
> Original message
> From: dave paxton
> Date:09/05/2014 3:33 PM (GMT-05:00)
> To: openssl-users@openssl.org
> Cc:
> Subject: Re: Certificate
.org
Cc:
Subject: Re: Certificate pass phrase brute force...
That is easy. Just restrict the number of different passwords per day. Any
account. Thus the old school brute force idea passes out the window. Most of
what you are looking at it a signing issue. Basically one person do
#x27;m afraid.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Gregory Sloop
Sent: Friday, 05 September, 2014 13:37
To: openssl-users@openssl.org
Subject: Certificate pass phrase brute force...
General question:
Original message
> From: Gregory Sloop
> Date:09/05/2014 1:36 PM (GMT-05:00)
> To: openssl-users@openssl.org
> Cc:
> Subject: Certificate pass phrase brute force...
>
> General question:
>
> I've done a number of searches and can't find a lot
There is nothing special about cracking a certificate password versus any other
password. There is a lot of literature out there; a web search will easily
give you enough information to be depressed. I think your biggest faulty
assumption is that your users will pick truly random 10char passwor
How do I unsubscribe from all of this?
Sent via the Samsung GALAXY S® 5, an AT&T 4G LTE smartphone
Original message
From: Gregory Sloop
Date:09/05/2014 1:36 PM (GMT-05:00)
To: openssl-users@openssl.org
Cc:
Subject: Certificate pass phrase brute force...
Gen
General question:
I've done a number of searches and can't find a lot about the subject. [I've
searched the list archives too...at least as best I could.]
In several cases, the most obvious being OpenVPN, I use client certificates
generated by openssl, with a pass-phrase [
entropy with a hash of the pass phrase. Everything should work as
before.
And 100 bits of real pass phrase uniqueness should be plenty to generate a
2048 bit RSA key (say) because there are lots of gaps in what a useful key
can be. We are feeding into the algorithms that search for a big prime
etc
openssl-us...@openssl.org] On Behalf Of anthony berglas
Sent: Tuesday, February 14, 2012 7:38 PM
To: openssl-users@openssl.org
Subject: Re: Pass phrase based public/private key generation
Hello Jeff,
Thanks for that. But IDE still needs a server and binary secrets to be
held. I just want a s
Hello Jeff,
Thanks for that. But IDE still needs a server and binary secrets to be
held. I just want a simple pass phrase based scheme. It is odd that this
is not more commonplace.
Anthony
On Wed, Feb 15, 2012 at 12:36 PM, Jeffrey Walton wrote:
> On Tue, Feb 14, 2012 at 7:53 PM, anth
On Tue, Feb 14, 2012 at 7:53 PM, anthony berglas wrote:
> Hello All,
>
> I want to set up a simple system in which the private key is derived
> entirely from a pass phrase.
>
> I.e. the pass phrase provides all the "Entropy" that is used. This means
> that the priv
Hello All,
I want to set up a simple system in which the private key is derived
entirely from a pass phrase.
I.e. the pass phrase provides all the "Entropy" that is used. This means
that the private key can be regenerated from the pass phrase at any time,
without needing to maintai
to upload a file to a FTPS server. The FTPS server has
> a certificate which requires a pass phrase. My Java program
> reads from standard error looking for the "Enter PEM pass
> phrase:" prompt so I can then write the pass phrase to stdin.
> >
First for clarification:
to /dev/tty.
Hope that helps.
Matt
On 26/01/12 22:29, Robert O'Hearne wrote:
I am using a Java program to call a Perl script which calls curl to upload a file to a
FTPS server. The FTPS server has a certificate which requires a pass phrase. My Java
program reads from standard error loo
I am using a Java program to call a Perl script which calls curl to upload a
file to a FTPS server. The FTPS server has a certificate which requires a pass
phrase. My Java program reads from standard error looking for the "Enter PEM
pass phrase:" prompt so I can then write the pass
@cynic.net>>
On 2011-11-29 04:15 +0100 (Tue), Peter wrote:
> It generally works, but after the command above is sent, i have
to type in
> pass phrase manually. I need it to be done automatically.
I believe you can just remove the passphrase from the key file.
I know. that's why i'm looking for a way, where I can provide it in some
way other than needing to interact with system.
2011/11/29 Curt Sampson
> On 2011-11-29 04:15 +0100 (Tue), Peter wrote:
>
> > It generally works, but after the command above is sent, i have to typ
On 2011-11-29 04:15 +0100 (Tue), Peter wrote:
> It generally works, but after the command above is sent, i have to type in
> pass phrase manually. I need it to be done automatically.
I believe you can just remove the passphrase from the key file. This of
course has the obvious se
yfile ca.key -cert ca.pem -revoke 04.pem
It generally works, but after the command above is sent, i have to type in
pass phrase manually. I need it to be done automatically. Is there any way
to achieve this? I looked through manual but didn't find any information on
how and if this could be done.
Regards,
Peter
> can any one please help me regarding this, like how to
> retrieve the SSL pass phrase , or assign a new pass phrase
> for the same private key.
Add all information you remember (possible parts, used characters,
length information) to a key cracking tool, run it
It was one of my family members
birthday written backwards followed by the word TeaPot with some
combination of upper
and lower case
Password of the year! :)
On 19 Oct, 2011, at 10:16 PM, Jakob Bohm wrote:
> It was one of my family members
> birthday written backwards followed by the word TeaPo
rase , and
unable to retireve the Pass phrase for the SSL certificates
can any one please help me regarding this, like how to retrieve the SSL pass
phrase , or assign a new pass phrase for the same private key.
__
OpenS
Hi all
I had generated SSL self signed certificates and deployed on m system, where
i had saved m passphrase. Like 5 months back.
Now i am unable to find the document where i had saved passphrase , and
unable to retireve the Pass phrase for the SSL certificates
can any one please help me
t; EVP_PKEY* key = PEM_read_Privatekey(file,NULL,NULL,passwd);
> with file a File* containing the correct file, and passwd a char*.
> In this case : passwd = NULL;
>
> If I load a private key which need a passphrase, the function ask me the
> pass phrase (in konsole). I would like to &
asswd a char*.
In this case : passwd = NULL;
If I load a private key which need a passphrase, the function ask me the
pass phrase (in konsole). I would like to "remove" this feature.
How can i have a NULL value as return instead of typing the required
pass phrase ?
Thank's in
asswd a char*.
In this case : passwd = NULL;
If I load a private key which need a passphrase, the function ask me the
pass phrase (in konsole). I would like to "remove" this feature.
How can i have a NULL value as return instead of typing the required
pass phrase ?
Thank's in
On Thu, Jun 05, 2008 at 10:47:10PM -0400, Gumbie wrote:
> How would I enforcing decent pass phrase on private key? Or can I?
At what point in the key's lifecycle would you like to do that?
--
Viktor.
__
OpenSSL
How would I enforcing decent pass phrase on private key? Or can I?
smime.p7s
Description: S/MIME cryptographic signature
One dev wrote:
El vie, 11-04-2008 a las 17:01 +0300, Deceased escribió:
Hi,
I'm using apache and pkcs12 certs to for auth., but I cannot make web
browser to ask pass phrase every time I connect to it, only for import
pass on cert install. I'm using firefox.
Is there any way to m
El vie, 11-04-2008 a las 17:01 +0300, Deceased escribió:
> Hi,
>
> I'm using apache and pkcs12 certs to for auth., but I cannot make web
> browser to ask pass phrase every time I connect to it, only for import
> pass on cert install. I'm using firefox.
> Is there
Hi,
I'm using apache and pkcs12 certs to for auth., but I cannot make web
browser to ask pass phrase every time I connect to it, only for import
pass on cert install. I'm using firefox.
Is there any way to make pkcs12 certs that require pass phrase for auth,
or any other cert
Hello,
I use the function PEM_write_RSAPrivateKey(privateKeyFilePW,
r,EVP_des_ede3_cbc(),NULL, 0, NULL, NULL) to write the RSA private key with a
pass phrase. But I am wondering where the pass phrase is stored?
later I use the function PEM_read_RSAPrivateKey(privateKeyFilePW, &keyRea
Hello,
I am wondering how many letters we can enter for the PEM pass phrase?
It seems that the maxium length is 1024.
Can we change the pass phrase later? if so, which functions can we use?
Thanks in advance!
_
Discover the new
>> 1. rpm -e openssl ( to install the already installed openssl-0.9.8b)
>1) reinstall openssl package that came with Fedora. unless you are going
>to rebuild all the packages that depend on it you will face a nightmare
>2) strip off the password from your .pem file - if you really dont want
to
Hi,
> 1. rpm -e openssl ( to install the already installed openssl-0.9.8b)
1) reinstall openssl package that came with Fedora. unless you are going
to rebuild all the packages that depend on it you will face a nightmare
2) strip off the password from your .pem file - if you really dont want to
m
Hi Folks !
I am using the openssl-0.9.8b. My application racoon which is a key
management software for the IPsec uses openssl to read the self-siged
certificates.
Every time my certificate is read, I'm asked for the pass phrase "Enter the
PEM pass phrase"
I always enter the pas
A "simple basic question" about usable text in a pass phrase used to
protect my private key.
Well, it's not really openssl specific, but I imagine that the community
here should have an answer.
Imagine I'm using softwares "unicode aware", and then I'm us
in
[Fri Aug 13 21:52:32 2004] [notice] Graceful restart requested, doing
restart
[Fri Aug 13 21:52:41 2004] [notice] Digest: generating secret for digest
authentication ...
[Fri Aug 13 21:52:41 2004] [notice] Digest: done
[Fri Aug 13 21:52:41 2004] [error] Init: Unable to read pass phrase [Hin
Doing it via:
openssl rsa -in inca.key.pem -des3 -out outca.key.pem
would be preferable since the -des3 would trigger output
encryption, and you would be ASKED for the new pass phrase,
while using stdin it just gapes at you with no prompt.
I was (unsuccessfully) trying to remember the trigger
pass phrase for a key?
Does it matter if it is the CA's root key? Will it affect crt's
that are already issued?
I tried to answer this with
openssl rsa -in root.key.pem -passout stdin -out drea.key.pem
but even though it waits for something to be typed on standard
input before proceedin
I had such a request to have such server start alone without human intervention.
If you want a little more secure solution.
You can for example, hardcode a 3DES key in your server, to encrypt/decrypt the PEM
pass phrase, and eventually mess the result a little (but in a way you can reconstruct
Hi,
When i run my SSL server, it keeps asking the PEM pass phrase every
time it is started.
But i want my server to be loaded automaticaly, wihtout need to type
everytime the password.
Is there a way to put this password inside the server code and
eliminate the need of type the pass everytime
It's not THAT hard to modify your $MANPATH variable to include the
nonstandard man page areas. This is some code I use in my .cshrc file
on Solaris:
=
# there is always a way
set path=( \
${HOME}/bin \
${HOME}/src/script \
/bin \
/usr/bin \
/usr/local/bin \
/usr/sbin \
/opt/SUNWspro/bin \
/
At 07:35 PM 2/15/2003 +0100, Dr. Stephen Henson wrote:
This is mentioned in detail, with examples, in the pem(3) manual page.
In Linux the man pages are installed in /usr/local/ssl/man. In other words
they're not put in a place that 'man' can find them. Should I file
a bug?
I consider it a bu
priv key file,I am puzzling
> what is the usage of my input "12345"?
> so I tried again:
> 2)openssl genrsa -des -out key2.pem
> It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
> seems worked. Then I used the file key
char passin[] = "12345";
- Original Message -
From: "ѦԴ" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 18, 2002 3:23 PM
Subject: what is the difference between -passout option and PEM pass phrase?
> I want to generate a r
ed again:
> 2)openssl genrsa -des -out key2.pem
> It prompted me to "Enter PEM pass phrase:",I gived "12345",and it
> seems worked. Then I used the file key2.pem in my program as follows:
>
> char * passin = "12345";
> EVP_PKEY *pkey
question, yes it is possible to decrypt the key and
store it with no pass phrase; if I remember correctly you would use the
openssl enc command.
Ryan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, October 13, 2001 10:49 AM
To: [EMAIL PROTECTED]
Subject
Nope.. This is why usually one wants to not have a passphrase tied
to a https server which needs to be entered on each restart of the
ssled server..
On Sat, Oct 13, 2001 at 12:11:34PM -0400, George Ascione wrote:
> Hello;
>
> We assigned a pass phrase for a certificate key file by acc
Hello;
We assigned a pass phrase for a certificate key file by accident and now
need to enter the password to start this server. To avoid trashing this
cert is there any way to remove the pass phrase from the key and
de-crypt it?
Thank You
On Thu, Aug 30, 2001 at 12:37:41PM +0200, Geert Van Muylem wrote:
> Is there a possibility to avoid the "Enter PEM pass phrase:" prompt
> when reading the secret key? (And not by not encrypting it.)
> BTW: I'm currently looking at START TLS which is using OpenSSL
Is there a possibility to avoid the "Enter PEM pass phrase:" prompt
when reading the secret key? (And not by not encrypting it.)
BTW: I'm currently looking at START TLS which is using OpenSSL
__
x:+972 3 6442366
mailto:[EMAIL PROTECTED]
http://www.radguard.com
==
Patrick Li wrote:
> Hi,
>
> When creating a client certificate using command "CA.pl -newreq", it prompts
> for entering a PEM pass phrase be
AIL PROTECTED]> To: <[EMAIL PROTECTED]>
Sent by: cc:
owner-openssl-users@o Subjec
Hi,
When creating a client certificate using command "CA.pl -newreq", it prompts
for entering a PEM pass phrase before generating the newreq.pem file. What
is the usage/purpose of this password? It seems to me that it is the
password for accessing data (like private key?) in the
Dear all,
At present I am putting a COM wrapper (with a VB front end) around
cli.cpp and serv.cpp. My intention is to get to a state where I can
connect and disconnect at will, and send and receive messages freely.
The client seems to be working well, but I have a problem with the
server. In ord
The pass phrase input routine reads from the consol not from the standard
input.
I gess that it is more secure than reading from stdin.
Under Windows I managed to write the password to to the console.
It works but it is quite complicated and I don't know if it is possible to
do the same
Hello,
I am building a CA frontend in C/C++ and need to automatically provide
input for the PEM pass phrase dialog when signing CSRs.
I open three pipes for stdin/stdout/stderr, fork to openssl and write
the pwd into stdin. But openssl doesnt read my input.
The thing is: I already did this in
00 10:07 AM
> To: [EMAIL PROTECTED]
> Subject: An old thread - PEM pass phrase for smime signature
>
>
>
>
> Hi,
>
> Sorry to restart this thread and debate.
>
> I am using the smime feature of openssl. I want to automate
> some things, but I
> am stuck with
Hi,
Sorry to restart this thread and debate.
I am using the smime feature of openssl. I want to automate some things, but I
am stuck with the "Enter PEM pass phrase" prompt when I sign mails.
I know that using an uncrypted private key might be helpful, but I whish to
avoid this p
Kuo Hsieh wrote:
>
> In openssl documentation I saw it has the capability to accept
> pass phrase from command line arguments. However, I tried
> to run it and found that this option did not work. Is this option
> supported?
>
Yes it does work. What makes you think that
In openssl documentation I saw it has the capability to accept
pass phrase from command line arguments. However, I tried
to run it and found that this option did not work. Is this option
supported?
Nathan Wang
__
OpenSSL
ierchio wrote:
>
> > Tugrul Bingol wrote:
> >
> > > Is there any way to get the password necessary for "PEM pass phrase"
> > > from a file?
> >
> > Drugs, hypnosis, torture are some of the more common effective methods.
Tugrul Bingol wrote:
>
> Don't be rude !!! If you know the answer you may help, if you don't, don't
> keep list busy.
Oh, I know the answer, if you could state the question in a way that is
specific and doesn't waste everyone's time speculating what it is you
want.
How's this: I won't be rude i
Don't be rude !!! If you know the answer you may help, if you don't, don't
keep list busy.
Michael Sierchio wrote:
> Tugrul Bingol wrote:
>
> > Is there any way to get the password necessary for "PEM pass phrase"
> > from a file?
>
> Dru
> -Original Message-
> From: Tugrul Bingol [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 20, 2000 12:42 AM
> To: [EMAIL PROTECTED]
> Subject: PEM pass phrase
>
>
> Hello,
>
> Is there any way to get the password necessary for "PE
Tugrul Bingol wrote:
> Is there any way to get the password necessary for "PEM pass phrase"
> from a file?
Drugs, hypnosis, torture are some of the more common effective methods.
__
> Hello,
> >>
> >> I used openssl in a secure rexecd executed through inetd. Normally each
> >> time I run the server (secure rexecd) it asks me "PEM pass phrase".
> >> However I want to avoid from it since it is run through inetd. In other
> >&
When I try to strip the password encryption off of
the private key, as described below, I get the following error:
req -key keyrq.txt -keyout test.key -nodes -config
openssl.cnf
unable to load Private
key344:error:02001002:system library:fopen:system
lib:tmp32dll\bss_file.c:103:fopen('.oid
> Chris Kopp wrote:
>
> When I try to strip the password encryption off of the private key, as
> described below, I get the following error:
>
> req -key keyrq.txt -keyout test.key -nodes -config openssl.cnf
> unable to load Private key
> 344:error:02001002:system library:fopen:system
> lib:tmp3
There was a bit of a food fight about this subject here last year.
What you need to have for unattended startup is an unencrypted private key.
There are obvious security implications.
Skye Poier is supposed to have written:
>
> What function do you call to avoid the 'Enter PEM pas
oier wrote:
>
> What function do you call to avoid the 'Enter PEM pass phrase:' prompt?
> Just won't do; the daemon needs to be started from an rc script.
>
> Skye
>
> __
> OpenSSL Project
skye> What function do you call to avoid the 'Enter PEM pass phrase:' prompt?
skye> Just won't do; the daemon needs to be started from an rc script.
One way to do it is to write a password callback that you register
through SSL_CTX_set_default_passwd_cb().
However, this m
1] [info] Init: Initializing OpenSSL library
>[29/Jul/1999 23:17:51] [info] Init: Loading certificate & private key of
>SSL-aware server intranet.acclink.com:443
>[29/Jul/1999 23:17:51] [info] Init: Requesting pass phrase via builtin
>terminal dialog
>
>and it just sits there.
&g
Dear open-ssl experts,
Is there a way to create a certificate without PEM pass phrase?
By using the "CA.sh" script to create certificate, you will be prompt for
PEM phrase. It may be a good
idea, however, in the need for server re-boot (auto-boot) the server will pause
for use
phrase. I can send the password with expect ,but the server does
not restart at all. Instead I get an error in the logs/ssl-engine file:
[17/Jul/1999 16:44:42] [info] Init: Requesting pass phrase via builtin
terminal
dialog
[17/Jul/1999 16:44:42] [error] Init: Private key not found. (OpenSSL
library
> Apologies for Nth interation of this Same Old Question, but the FAQ
> solution didn't work for me.
>
> I want to be able to start httpsd without httpsd prompting for a
> password. I followed the directions found in:
> http://www.modssl.org/docs/2.3/ssl_faq.html#remove-passphrase
> to create a
Please note, this is the *OpenSSL* List. For *mod_ssl* there
is a separate one.
Jonathan Mayer schrieb:
>
> Greetings,
>
> Apologies for Nth interation of this Same Old Question, but the FAQ
> solution didn't work for me.
>
> I want to be able to start httpsd without httpsd prompting for a pas
Greetings,
Apologies for Nth interation of this Same Old Question, but the FAQ
solution didn't work for me.
I want to be able to start httpsd without httpsd prompting for a password.
I followed the directions found in:
http://www.modssl.org/docs/2.3/ssl_faq.html#remove-passphrase
to crea
100 matches
Mail list logo
