Edward Chan a écrit:
So to use native windows async i/o, I need to do the I/O myself (using bio
pairs). Then I assume there is an easy way to figure out the ciphers and
things agreed upon during the ssl handshake? Is this stuff readily
available in the SSL object? At the risk of sounding lazy,
Hi
I'm trying to make a signed and encrypted PKCS#7 message with a footprint as small as
possible.
So my (probably dumb) question is: Is it possible not to include signers certificate
in the PKCS#7 ?
The PKCS7_Sign() function does not seem to allow it.
When the receiver wants to verify the
On Friday September 3rd 2004 Hellan.Kim KHE wrote:
I'm trying to make a signed and encrypted PKCS#7 message with a
footprint as small as possible. So my (probably dumb) question is: Is
it possible not to include signers certificate in the PKCS#7 ? The
PKCS7_Sign() function does not seem to
Hi,
If I use the PKCS7_NOCERTS flag and use NULL in the signcert argument, I still get
access violations.
The problem is in x509_cmp.c file in the X509_check_private_key() function.
The lines say:
int X509_check_private_key(X509 *x, EVP_PKEY *k)
{
EVP_PKEY *xk=NULL;
int
Disregard the last mail.
You, of course, must still supply a signer certificate, it's just not included in the
PKCS#7.
Sorry!
/Kim
-Oprindelig meddelelse-
Fra: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] vegne af Hellan.Kim KHE
Sendt: 3. september 2004 12:35
Til: Marco Roeland; [EMAIL
Hi again
In the other end I normally use PKCS7_verify() in order to verify the signature and
get the signed text.
This function also fails since there is no signer certificate in the PKCS#7.
Do you know how to handle signature verification and text retrieval in the receiver
end ?
Any help
On Friday September 3rd 2004 Hellan.Kim KHE wrote:
You, of course, must still supply a signer certificate, it's just not
included in the PKCS#7.
Correct.
Sorry!
Heh, no problem! OpenSSL is great, but it does take some time to learn!
Once you get over that it's very powerful and flexible.
Greetings,
I am interested in a rough quick experiment with the SSL handshake
process. My idea is to custom create the handshake layer in SSL with my
own version of SSL handshake, keeping everything else intact in the SSL
protocol. I am wondering if I can use some library/command line (such
as,
Hi,
If I have a certificate in a buffer (get it via TLS connection)
Right now I use CryptoAPI and CryptEncrypt to read the public key and
encrypt my key( the pre msaterkey) with it.
What would I do in OpenSSL to achive the same thing? any example?
regards
Niklas
Title: How to create a certificate silently
Hi, I use the openssl to create a self signed certificate, but it needs interactively input country name, province name, ... Common name. I am wondering if there is a way to do it silently, i.e. let it read those response from a configure file?
Hello!
I'm writing you because I would like to know if Opessl is planning
to support the Cryptographic Message Syntax (CMS) for the PKCS#7, and in
that case, when it could be possible to be available.
Thanks for your answers,
Regards,
Antonio.
On Fri, Sep 03, 2004 at 11:19:37AM -0400, Lule Chen wrote:
Hi, I use the openssl to create a self signed certificate, but it needs
interactively input country name, province name, ... Common name. I am
wondering if there is a way to do it silently, i.e. let it read those
response from a
Title: RE: How to create a certificate silently
Thanks, but I am new to openssl. Could you give me a little bit more detail of the usage?
Lule
-Original Message-
From: Mark Foster [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 03, 2004 12:39 PM
To: [EMAIL PROTECTED]
Subject:
CSRs are generated with MD5 as the default signature algorithm. I'd
like to use SHA1 instead of MD5. I've searched around (Google,
openssl-users archives) but haven't found anything. Manpages don't
mention anything regarding changing it. Please advise on how to
accomplish this.
Thanks,
C
Hi,
I have Apache 2.50.0 with the mod_ssl enabled on an AIX 5.1
machine. I compiled openssl-0.9.7d with the gcc compiler. When I first
installed the key, I wanted to create it with no passphrase, but it said I
needed a minimum of 4 characters. When I now try to reset it with the command
#
On Fri, Sep 03, 2004 at 12:51:02PM -0400, Lule Chen wrote:
Thanks, but I am new to openssl. Could you give me a little bit more detail
of the usage?
There is a good article in Septembers SysAdmin mag (if you can obtain a copy)
about using expect to automate openssl operations.
If you're using Unix or another system that supports the
Environment variables, you can write a fixed openssl conf
file that references appropriate variables in appropriate
places. If you don't have Environment you can still write
a custom openssl conf file for each instance of signing.
Lule Chen
I have Apache 2.50.0 with the mod_ssl enabled on an AIX 5.1
machine. I compiled openssl-0.9.7d with the gcc compiler. When I first
installed the key, I wanted to create it with no passphrase, but it said I
needed a minimum of 4 characters. When I now try to reset it with the command
#
Title: RE: How to create a certificate silently
Thanks,
Lule
-Original Message-
From: Mark Foster [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 03, 2004 2:55 PM
To: [EMAIL PROTECTED]
Subject: Re: How to create a certificate silently
On Fri, Sep 03, 2004 at 12:51:02PM
Title: RE: How to create a certificate silently
Thanks,
Lule
-Original Message-
From: Charles B Cranston [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 03, 2004 3:00 PM
To: [EMAIL PROTECTED]
Subject: Re: How to create a certificate silently
If you're using Unix or another
I am trying to install SSLeay and have used both the automatic link
with-in Webmin and manually. I get the same failure notice either way.
Attached is the install log. The errors appear in the last 5 or so
lines. Anyone have any ideas how to prevent this?
This install is on a HP LPR Running
21 matches
Mail list logo