Facing problems with openssl-1.1.1c & later versions

Hi, There, I am new to openSSL and currently working on integrating openSSL libraries in our product which has linux-ppc platform. We have an old version of kernel in our product i.e. 2.6.37.6. I want to integrate lighttpd with openSSL for HTTPS support. When I use openSSL-1.1.1b or older versi

Re: [openssl-users] [openssl-dev] Still problems with openssl 1.0.2 snapshot

How do you configure? > test_dtls1_not_bleeding failed: expected return value -1, received 0 > ** test_dtls1_not_bleeding failed ** ... > 4 tests failed > *** Error code 1 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Still problems with openssl 1.0.2 snapshot

ALL OCSP TESTS SUCCESSFUL Test X509v3_check_* ../util/shlib_wrap.sh ./v3nametest ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value -1, received 0 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return va

Re: [openssl-users] Problems with OpenSSL 1.0.2 h

Have you tried to configure this cipher at the top of your cipher list initially with SSL_OP_SERVER_CIPHER_PREFERENCE? -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On May 4, 2016, at 12:04 PM, Benjamin Kaduk mailto:b

Re: [openssl-users] Problems with OpenSSL 1.0.2 h

Hello, On 05/04/2016 05:21 AM, Dirk Menstermann wrote: > Hi, > > I've trouble with the newest OpenSSL as I'm operating a webserver application > that answers with HTTP1.x and HTTP2. > > I registered the ALPN callback and in this the cipher list was adjusted > "SSL_set_cipher_list (ssl, "ECDHE-RSA-

[openssl-users] Problems with OpenSSL 1.0.2 h

Hi, I've trouble with the newest OpenSSL as I'm operating a webserver application that answers with HTTP1.x and HTTP2. I registered the ALPN callback and in this the cipher list was adjusted "SSL_set_cipher_list (ssl, "ECDHE-RSA-AES128-GCM-SHA256")" if H2 was negotiated. With versions < OpenSSL

[openssl-users] Problems with openssl verify -crl_check ...

Hello, openssl verify -CAfile root.pem -untrusted issuer.pem srvr.pem gives this output srvr.pem: OK but openssl verify -CAfile root.pem -crl_check -untrusted issuer.pem srvr.pem gives this: srvr.pem: C = US, OU = Domain Control Validated, CN = revoked.grc.com error 3 at 0 depth lookup:unable to

Re: [openssl-users] Performance problems with OpenSSL and threading

> I will just grab master then. Will this change be in the next 1.0.2 release? No. Released branches only get bug-fixes. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Performance problems with OpenSSL and threading

I will just grab master then. Will this change be in the next 1.0.2 release? -Bryan > On May 8, 2015, at 10:12 AM, Salz, Rich wrote: > > >> You can private message me the patch and I can benchmark it for you. >> Please let me know what release version or hash on git that it will cleanly >>

Re: [openssl-users] Performance problems with OpenSSL and threading

> You can private message me the patch and I can benchmark it for you. > Please let me know what release version or hash on git that it will cleanly > apply. Do you know what release this will be going in? It is this commit 3e47caff4830d2a117eda15b57a5feab89b846ae on master. A quick check sho

Re: [openssl-users] Performance problems with OpenSSL and threading

You can private message me the patch and I can benchmark it for you. Please let me know what release version or hash on git that it will cleanly apply. Do you know what release this will be going in? -Bryan > On May 1, 2015, at 6:49 AM, Salz, Rich wrote: > >> Lock #1 is CRYPTO_LOCK_ERR,

Re: [openssl-users] Performance problems with OpenSSL and threading

It is in non-blocking mode. After removing the call to SSL_get_error for the SSL_read case (0 return value) I discovered we call SSL_get_error in a couple more places. Here is a simple request and the return codes on SSL_accept, SSL_read, and SSL_write and the return codes from SSL_get_error.

Re: [openssl-users] Performance problems with OpenSSL and threading

Not sure. Are you using blocking or non-blocking IO? Have you tried SSL_MODE_AUTO_RETRY? Do you notice a different return value from SSL_read() after a zero byte read compared to other errors? On 05/06/2015 07:12 PM, Bryan Call wrote: > Do you know if there is a way from preventing a call to

Re: [openssl-users] Performance problems with OpenSSL and threading

Do you know if there is a way from preventing a call to SSL_get_error() after getting a 0 byte read from SSL_read()? This is the main issue I am facing with the OpenSSL error locking right now. -Bryan > On May 1, 2015, at 6:49 AM, Salz, Rich wrote: > >> Lock #1 is CRYPTO_LOCK_ERR, which I

Re: [openssl-users] Performance problems with OpenSSL and threading

Yes, if you never call FIPS_mode_set(), the POST will never run. I'll defer to the experts on your other questions. On 05/01/2015 05:10 PM, Bryan Call wrote: > So can I assume the FIPS POST has completed if I never call FIPS_mode_set() > in the code? I was confused about that. > > When we call

Re: [openssl-users] Performance problems with OpenSSL and threading

So can I assume the FIPS POST has completed if I never call FIPS_mode_set() in the code? I was confused about that. When we call SSL_read() and get a 0 byte return we call SSL_get_error() to see if there was an error not not. Maybe there is a more efficient handle this, like looking at the sh

Re: [openssl-users] Performance problems with OpenSSL and threading

>Lock #1 is CRYPTO_LOCK_ERR, which I believe is used for logging errors.  It >appears your application is generating a lot of errors for some reason.  Never >tried it myself, but you probably can't disable this lock with multiple >threads running.  You should take a look at the error log to iden

Re: [openssl-users] Performance problems with OpenSSL and threading

The changes to SSL_locking_callback() look good. But the code you've added to SSL_CTX_add_extra_chain_cert_file() doesn't accomplish much. You're checking if FIPS is on or off, then setting the FIPS mode to the current setting, which is a no-op. On 04/30/2015 09:49 PM, Bryan Call wrote: > (plai

Re: [openssl-users] Performance problems with OpenSSL and threading

Lock #1 is CRYPTO_LOCK_ERR, which I believe is used for logging errors. It appears your application is generating a lot of errors for some reason. Never tried it myself, but you probably can't disable this lock with multiple threads running. You should take a look at the error log to identify th

Re: [openssl-users] Performance problems with OpenSSL and threading

(plain text and removed most of the history) John if you don’t mind reviewing my change to Apache Traffic Server. It seems to be working very well. Thank you again! https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;a=blobdiff;f=iocore/net/SSLUtils.cc;h=0b732440636ab4e9eaedf237a5674bd

Re: [openssl-users] Performance problems with OpenSSL and threading

This is for Apache Traffic Server and we have no knobs for turning on/off FIPS. I am thinking about always disabling FIPS right now and that would happen before we create the threads. I was able to get rid of all the FIPS lock connection with the changes you recommend (Big Thanks!). The big

Re: [openssl-users] Performance problems with OpenSSL and threading

Correct. Locks 39/40 are only useful while the POST is running. Once the POST completes, the POST status never changes again unless the POST runs again. The only way to run the POST is by invoking FIPS_mode_set(1). But there should be no reason to invoke FIPS_mode_set(1) more than once unless y

Re: [openssl-users] Performance problems with OpenSSL and threading

Can I safely assume that if I call FIPS_mode_set(0) and get a successful return value then I don’t need to lock when there are callbacks for type 39 and 40 locks (for OpenSSL 1.0.1 and 1.0.2)? -Bryan > On Apr 28, 2015, at 10:22 AM, John Foley wrote: > > In the context of OpenSSL 1.0.1 or 1

Re: [openssl-users] Performance problems with OpenSSL and threading

> In the future, this may change if/when OpenSSL does another FIPS validation. > CMVP has changed the implementation guidance that requires the POST to run > automatically without user intervention. Any future FIPS validations would > be subject to the new rules. Hence, the behavior of FIPS_mode_

Re: [openssl-users] Performance problems with OpenSSL and threading

In the context of OpenSSL 1.0.1 or 1.0.2, this means FIPS_mode_set(1) has returned with a successful return value. In the future, this may change if/when OpenSSL does another FIPS validation. CMVP has changed the implementation guidance that requires the POST to run automatically without user in

Re: [openssl-users] Performance problems with OpenSSL and threading

What do you mean by “FIPS POST has completed”? -Bryan > On Apr 24, 2015, at 4:17 PM, John Foley wrote: > > Some of the algorithms still invoke the FIPS flavor of the algorithm even > when FIPS is disabled. For example, this code is from EVP_DigestUpdate(). > > int EVP_DigestUpdate(EVP_MD_

Re: [openssl-users] Performance problems with OpenSSL and threading

Some of the algorithms still invoke the FIPS flavor of the algorithm even when FIPS is disabled. For example, this code is from EVP_DigestUpdate(). int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { #ifdef OPENSSL_FIPS return FIPS_digestupdate(ctx, data, count); #else

Re: [openssl-users] Performance problems with OpenSSL and threading

In my last email I ran the benchmark on Fedora 21 (big mistake). Here are the results when running it back on the 28/56 core RHEL 6.5 server showing contention in a different place (fips). Is there a reason it would be calling into the FIPS code to get a lock of FIPS is not enabled? Contenti

Re: [openssl-users] Performance problems with OpenSSL and threading

When you create the private key given to SSL_CTX, be sure to instantiate a private key for each thread as well. If you share the same key across all threads, this can introduce contention. Here are the type 1 & 2 locks: # define CRYPTO_LOCK_ERR 1 # define CRYPTO_LOCK_EX_DATA

Re: [openssl-users] Performance problems with OpenSSL and threading

We are using a single SSL_CTX across all the threads, so I will create multiple SSL_CTX per thread. I implemented dynlock callbacks yesterday, but I didn’t see them being used in the tests I did. I also added atomic counters to see what type of locks are having contention (see logs below): Mo

Re: [openssl-users] Performance problems with OpenSSL and threading

Looking at your call stack, it appears you're testing with FIPS mode enabled. There's a lock in FIPS_selftest_failed() that's used to ensure the crypto algorithms inside the FIPS boundary are not utilized until after the POST has completed and passed. Unfortunately this lock remains installed for

[openssl-users] Performance problems with OpenSSL and threading

I was running a benchmark on a 28 core (56 hyper-threaded) server that is running 84 threads in the process and I am seeing a lot of lock contention. I saw a lot of lock contention in the calls to SSL_get_error() ssl3_accept(). I am running RHEL 6.5 and openssl-1.0.1e-30.el6_6.7.x86_64. We ha

Problems with OpenSSL and GoDaddy Cert

can I fix this? -- View this message in context: http://old.nabble.com/Problems-with-OpenSSL-and-GoDaddy-Cert-tp34042959p34042959.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project

Re: Problems with OpenSSl BN

On 29/05/12 22:52, Matt Caswell (fr...@baggins.org) wrote: On 29/05/12 16:55, chip...@gmx.de wrote: Now I set for every variable the BN_FLG_CONSTIME Flag, so that I can be sure, that they will need the same time. I measured the time the BN_nnmod operation in the BN_mod_add function needs for

Re: Problems with OpenSSl BN

to do a carry or creating a new word for the value which is bigger than the modulos. Original-Nachricht > Datum: Tue, 29 May 2012 22:52:11 +0100 > Von: "Matt Caswell (fr...@baggins.org)" > An: openssl-users@openssl.org > Betreff: Re: Problems with OpenSS

Re: Problems with OpenSSl BN

On 29/05/12 16:55, chip...@gmx.de wrote: Hi, thank you again for your answer. Now I set for every variable the BN_FLG_CONSTIME Flag, so that I can be sure, that they will need the same time. I measured the time the BN_nnmod operation in the BN_mod_add function needs for the modulo operation a

Re: Problems with OpenSSl BN

t). When I want to use the summands value later, then it just has the value zero. Thank you for your help. Original-Nachricht > Datum: Mon, 28 May 2012 23:23:43 +0100 > Von: "Matt Caswell (fr...@baggins.org)" > An: openssl-users@openssl.org > Betreff: Re

Re: Problems with OpenSSl BN

t from the caching of temporary variables. Thank you for your answer. Original-Nachricht Datum: Tue, 15 May 2012 00:04:16 +0100 Von: "Matt Caswell (fr...@baggins.org)" An: openssl-users@openssl.org Betreff: Re: Problems with OpenSSl BN On 14/05/12 15:48, chip.

Re: Problems with OpenSSl BN

time with different context variables, but it has no consequences. The caculating results also stay the same. Thank you for your answer. Original-Nachricht > Datum: Tue, 15 May 2012 00:04:16 +0100 > Von: "Matt Caswell (fr...@baggins.org)" > An: openssl-users@o

Re: Problems with OpenSSl BN

On 14/05/12 15:48, chip...@gmx.de wrote: Hello, I am using the OpenSSL BN functions. Wenn I measure the time which a BN function needs, then I see that for example BN_mod_add, needs for every calling different times. Shouldn't it be the same timeconsumption, every time I call for example BN_m

Problems with OpenSSl BN

Hello, I am using the OpenSSL BN functions. Wenn I measure the time which a BN function needs, then I see that for example BN_mod_add, needs for every calling different times. Shouldn't it be the same timeconsumption, every time I call for example BN_mod_add? The deviation is up to 300%. Than

Re: Problems with openssl req using an on-board 2048 bit RSA key from a USB token

I managed to get this to work with a 2048 bit key by using the Aladdin PKCS#11 library instead of the OpenSC one: engine dynamic -pre SO_PATH:C:\WINDOWS\SYSTEM32\engine_pkcs11.dll -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:C:\WINDOWS\SYSTEM32\eTPKCS11.dll req -engine pkcs11 -new -ke

Problems with openssl req using an on-board 2048 bit RSA key from a USB token

I'm trying to generate a PKCS#10 CSR using an Aladdin eToken Pro 64k with a 2048 bit key. I'm using Windows Vista 32bit, with the Aladdin PKI Client drivers v5.1, OpenSC 0.12.0, and Win32 OpenSSL 1.0.0d. I can generate the CSR with a 1024 bit key generated on board with no problems. When I use a

Re[2]: Problems with OpenSSL S/MIME sign

Hello Stephen, Wednesday, January 24, 2007, 11:20:38 PM, you wrote: DSH> On Wed, Jan 24, 2007, Andrew V. Jelly wrote: >> Have a problem with sending emails signed (S/MIME) using OpenSSL >> >> Post command: >> > openssl smime -sign -text -in message.txt -out signed.txt -signer my.cert >>

Re: Problems with OpenSSL S/MIME sign

On Wed, Jan 24, 2007, Andrew V. Jelly wrote: > Hello openssl-users, > > > Have a problem with sending emails signed (S/MIME) using OpenSSL > > Post command: > > openssl smime -sign -text -in message.txt -out signed.txt -signer my.cert > -inkey my.key -certfile other.cert -from

Problems with OpenSSL S/MIME sign

Hello openssl-users, Have a problem with sending emails signed (S/MIME) using OpenSSL Post command: > openssl smime -sign -text -in message.txt -out signed.txt -signer my.cert -inkey my.key -certfile other.cert -from <[EMAIL PROTECTED]> -to <[EMAIL PROTECTED]> Message successf

Problems with OpenSSL Engine and hashing.

Hello everybody, I have a problem in making our OpenSSL Engine that drives our HW accelerator work fine for hash (SHA1 in particular). The problem seems to be related to my "Digest_Copy" or (less likely) "Digest_Cleanup" implementation (I'll explain this further on). The Engine works fine for the C

Re: b-etch: problems with openssl-0.9.8a

On Tue, Nov 29, 2005 at 09:21:19PM +0300, Dmitry Belyavsky wrote: > > > 4119:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad > > > record mac:s3_pkt.c:426: > > > > > > What's wrong? > > > > > > > http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/2005-November/000418.

Re: b-etch: problems with openssl-0.9.8a

Greetings! On Tue, 29 Nov 2005, Victor Duchovni wrote: > On Tue, Nov 29, 2005 at 05:32:45PM +0300, Dmitry Belyavsky wrote: > > > Greetings! > > > > We use openssl 0.9.8a, apache 1.3.34 with mod_ssl 2.8.25 (Debian etch). > > The URL we request requires client certificate. > > > > 4119:error:1408F4

Problems with openssl installation

Windows 2000 ActivePerl v5.6.1 CYGWin Trying to install openssl. > ./config > make Make failes with the following error: making all in crypto... make[1]: Entering directory `/openssl/crypto' gcc -I. -I.. -I../include -DOPENSSL_SYSNAME_CYGWIN32 -DOPENSSL_THREADS -DDS O_WIN32 -DOPENSSL_NO_KRB5 -D

Build problems with openssl.

Hi, Query about openssl-0.9.7 build, I built openssl-0.9.7, using config: ./config --prefix=/usr/local/opensslbuilds no-threads no-shared This created all files in /usr/local/opensslbuilds. Then, I copied libssl.a and libcrypto.a into my source directory, and made changes to my Makefile to link w

RE: problems with openssl 0.9.6d and up

printed or electronic. -Original Message- From: Bart Dumon [mailto:[EMAIL PROTECTED]] Sent: Saturday, September 07, 2002 6:49 AM To: [EMAIL PROTECTED] Subject: problems with openssl 0.9.6d and up hey, i'm trying to post an xml through https, however, it looks like this is not going t

Re: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

t; > -Original Message- > From: Joseph Botto [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 10, 2002 8:57 PM > To: [EMAIL PROTECTED] > Cc: Graham > Subject: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26 > > > Hello all. I'm new to all of th

Re: RE: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

- I'll try >to fix it. > >Bye, Jochen. > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of Joseph >Botto > > Sent: Thursday, July 11, 2002 2:57 AM > > To: [EMAIL PROTECTED] > > Cc: Gr

RE: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

To: [EMAIL PROTECTED] > Cc: Graham > Subject: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26 > > > Hello all. I'm new to all of this stuff, and am desparately in > need of some > help. > Here's the deal: > > I'm installing Apache 1.3.26, OpenSSL 0

RE: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

Try again and use openssl-0.9.6b...This may help -Original Message- From: Joseph Botto [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 10, 2002 8:57 PM To: [EMAIL PROTECTED] Cc: Graham Subject: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26 Hello all. I'm new to all of

Re: Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

HI list In fact I am also facing a problem like Joseph I am installing apache on my laptop what i wanna is to set up a https server I am reading instructions frm (I have kept a web page resume.html in my public_html dir in /home/chhabra ) http://www.modssl.org/docs/apachecon2001 but after doin

Install Problems with OpenSSL 0.9.6d and Apache 1.3.26

Hello all. I'm new to all of this stuff, and am desparately in need of some help. Here's the deal: I'm installing Apache 1.3.26, OpenSSL 0.9.6d, PHP 4.2.1, MySQL 3.23, mod_ssl 2.8.10, etc on a Red Hat v7.2 box. Now, everything installs and compiles properly (without errors), yet SSL is not workin

Re: Major problems with OpenSSL and Apache 1.3.x

check ldconfig On Mon, Jun 24, 2002 at 01:10:08PM -0700, Hendrick Chan wrote: > Michael, > > You missed the libexec that mentioned in the example of httpd.conf: > > LoadModule foo_module libexec/mod_foo.so > > Michael Piskol wrote: > > > Hello, > > > > I'm currently working on installing Open

Re: Major problems with OpenSSL and Apache 1.3.x

Michael, You missed the libexec that mentioned in the example of httpd.conf: LoadModule foo_module libexec/mod_foo.so Michael Piskol wrote: > Hello, > > I'm currently working on installing OpenSSL 0.9.6 under my Apache 1.3.x > webserver. Unfortunately, major problems occurred during testing th

Major problems with OpenSSL and Apache 1.3.x

Hello, I'm currently working on installing OpenSSL 0.9.6 under my Apache 1.3.x webserver. Unfortunately, major problems occurred during testing the new configuration. In detail, the Apache constantly conplains that he cannot find the SSL-Module although I have got the following two lines in my ht

RE: problems with openssl and keytool

unday, November 25, 2001 5:09 PM To: [EMAIL PROTECTED] Subject: Re: problems with openssl and keytool Lidia Castillejo wrote: > > Hi, > please can somebody help me? > I'm working with openssl and keytool of jdk > I create my autority certification with openssl. > I create a

Re: problems with openssl and keytool

On Mon, 2001-11-26 at 11:27, Lidia Castillejo wrote: > Hi, > Thanks Dr S N Henson XDD > I'm using RSA keys.How i can create a PKCS#12 file from the certificate and > private key? > Thanks > using the command line: openssl pkcs12 export -in your_cert.pem -out your.p12 -inkey privatekey.pem rega

Re: problems with openssl and keytool

Hi, Thanks Dr S N Henson XDD I'm using RSA keys.How i can create a PKCS#12 file from the certificate and private key? Thanks - Original Message - From: "Dr S N Henson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 26, 2001 2:09 AM Subject

Re: problems with openssl and keytool

Lidia Castillejo wrote: > > Hi, > please can somebody help me? > I'm working with openssl and keytool of jdk > I create my autority certification with openssl. > I create a public/private pair keys with keytool and make a certification > request to ca. > CA validity my csr file and create a .pem

problems with openssl and keytool

Hi, please can somebody help me? I'm working with openssl and keytool of jdk I create my autority certification with openssl. I create a public/private pair keys with keytool and make a certification request to ca. CA validity my csr file and create a .pem file i try import this file in my keystor

RE: Problems with OpenSSL and C++

Hi Craig, check your Project settings: C/C++ --> Category=Code Generation --> Multithreaded > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Brown, Craig > Sent: Monday, July 23, 2001 10:12 PM > To: '[EMAIL PROTECTED]

Installation problems with openssl-0.9.6b

I am building and installing openssl-0.9.6b on a Solaris 8 box. I am getting an erro when I try to 'make install'. Any thoughts? I'm not hugely familiar with make files, so this could be pretty simple. # which make /usr/ccs/bin/make # which cc /opt/SUNWspro/bin/cc # ./config shared no-rc5 --pre

installation problems with openssl

Hi, I am trying to get openssl installed and after making my keys and such I did a test on the command line, and here are the errors that I am getting. And I have no idea what they mean. Any help would be appreciated. If you need further information in order to help just let me know. ./openssl s

Re: Problems with openssl

On Thu, Jan 18, 2001 at 04:02:42PM -0500, Peter Hall wrote: > I'm looking at a demo in demos/ssl/serv.cpp which uses 2 functions called > SSL_CTX_use_certificate_file and SSL_CTX_use_PrivateKey_file. The demos > uses the same > file name (foo-cert.pem). How can I get create one of these files. >

RE: Problems with openssl

I'm looking at a demo in demos/ssl/serv.cpp which uses 2 functions called SSL_CTX_use_certificate_file and SSL_CTX_use_PrivateKey_file. The demos uses the same file name (foo-cert.pem). How can I get create one of these files. I have used these commands to get a cacert.pem and cakey.pem but I don

Re: Problems with openssl

On Thu, Jan 18, 2001 at 05:32:02PM +0100, irochira wrote: > Executing "Openssl s_client" on a "Openssl s_server" with its certificate >"server.pem", > ( setting #define TEST_CERT "./server.pem"), I obtain this message > > CONNECTED(0003) > depth=0 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=S

Problems with openssl

Executing "Openssl s_client" on a "Openssl s_server" with its certificate "server.pem", ( setting #define TEST_CERT "./server.pem"), I obtain this message CONNECTED(0003) depth=0 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit) verify error:num=20:unable to get local issu

Re: problems with openssl-0.9.6 on MacOS X Server

Hi, On Oct. 30th 2000, Richard Levitte wrote: mark> > cc -o openssl -DMONOLITH -I../include -O3 -DB_ENDIAN openssl.o verify.o mark> > asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o mark> > pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o x509.o genrsa.o mark> >

Re: problems with openssl-0.9.6 on MacOS X Server

From: Mark Morrill <[EMAIL PROTECTED]> mark> > cc -o openssl -DMONOLITH -I../include -O3 -DB_ENDIAN openssl.o verify.o mark> > asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o mark> > pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o x509.o genrsa.o mark> > gendsa.

problems with openssl-0.9.6 on MacOS X Server

Hi, I got openssl-0.9.5 on my server without really big problems. And I just tried it again ./config and make and it worked just fine. However, with openssl-0.9.6, I get: > cc -o openssl -DMONOLITH -I../include -O3 -DB_ENDIAN openssl.o verify.o > asn1pars.o req.o dgst.o dh.o dhparam.o enc.o pa

problems with openssl cert

HI All, I did waste two days trying to establish two -way authentication using server - client model with stunnel 3.8p4 and openssl 0.9.5a. I tried all the methods described on the faq, examples and from search. In stead of describing you , what all I did and what kind of error I got, I will pre

Intallation problems with openssl-0.9.4

Hi, I have some weird problems with my installation of openssl I'm trying to install this on a SunOS 5.6 Generic_105181-07 sun4u sparc SUNW,Ultra-2 And I just can't get it to work. Is there anyone out there who has any idea of what this can be? Cheers, -Jan - gcc

Re: problems with OpenSSL on HP-UX

I apologize for posting this a second time. My mail client (or my brian, one or the other) was acting up, and it didn't appear that my original message had gone through. -- Scott Dellinger Systems Administrator, JMU Technical Services [EMAIL PROTECTED] ___

problems with OpenSSL on HP-UX

I am having problems compiling applications with openssl 0.9.4 and 0.9.3a under both HP-UX 11.00 and 10.20, on several different systems. When attempting to compile Apache with either mod_ssl or Apache+SSL extensions, eventually the compile fails with a linker error message of: ld: Invalid loade