Hi, I´m new to OpenSSL 0.9.8. I was using 0.9.7with mod_ssl version
about 2 weeks since yesterday. (everything in Win32,and works I
promise :) )
1.- In 0.9.7 version, i could do my own certificate with:
perl ca.pl -newca (and then, i filled all i need)
But in 0.9.8 it has been some changes that
Dear Steven,
you're right.
MS VC5 compiler can't compile (at least portions of) openssl 0.9.8, but
MS VC6 compiler does.
Thank you!
Steven Reddie wrote:
That error message tends to occur when the code is too complicated for the
compiler. You may be able to avoid the error by rearranging the
[EMAIL PROTECTED] 12.07.2005 21:44
Reinhard Haller wrote:
Hi,
I want to create certificates with 2 subject alternative names:
email
employee-number
The emailAddress is not part of the subject distiguished name.
Perhaps you could apply my patch from ticket 1050.
That allows to
Hi,
I'm new to OpenSSL, and I'm hoping someone can tell me the easiest/best way
to parse an email address from a X509 V3 client email cert.
Any suggestions would be appreciated.
Thanks,
Thomas
__
OpenSSL Project
I am having a lot of problems importing a certificate made in openssl
into a phone, but I can get a keytool certificate imported. The only
thing is that I need to change the V1 cert (keytool only makes V1) to a
V3 cert - can openssl modify a cert to a V3 (without changing anything
else)?
Hi,
I am still stuck on the phone cert creation, but I am inching closer!
How do I generate a cert with only the below data to be included in the
certs? What should be openssl.cnf have? What should be my genrsa be? and
do I need to do anything else? I have attached the asn1parse output of
This is a follow on from my last post as the text lost its formatting.
How do I change the utc time of a certificate to a smaller format
(whilst creating a cert):
18082107Z - there are lots of zeros in this format, openssl gives less.
Also, how do I add a friendly name object - I have
Thanks.
David Schwartz wrote:
I am having a lot of problems importing a certificate made in openssl
into a phone, but I can get a keytool certificate imported. The only
thing is that I need to change the V1 cert (keytool only makes V1) to a
V3 cert - can openssl modify a cert to a V3 (without
On Wed, Jul 13, 2005, Manuel Gil Perez wrote:
Hi all,
I have a C++ application that uses OpenSSL as cryptographic library and I
need to create a new OID which will be used in my application.
The definition will be as follows:
#define SN_id_ct_scvp_certValRequest
Ignore my last post - I forgot the extra 0s are the hhdd etc...
But I am having a problem - I have deleted all files on my phone, but I
cannot get it to accept my certificates. If I add just one of the old
certificates and then mine, it will be recognized - but only as part
of the old one
Hi, on RHEL4 ppc64 I am getting the same message while building both
0.9.7g and 0.9.8:
[EMAIL PROTECTED] openssl-0.9.7g]#./Configure linux-ppc64 shared
...
Configured for linux-ppc64.
[EMAIL PROTECTED] openssl-0.9.7g]# make
making all in crypto...
make[1]: Entering directory
An addition:
The phone surely cannot have the private keys (of all the major
certificate companies) so, it has to be something to do with the format
of the cert. For those who read my earlier posts, I have added the first
2 bytes of certs on the phone (signalling whether it is a v1 or v3
One thing that seems to work after running Configure is to swap
-bpowerpc64-linux with -m64 in the toplevel Makefile.
Kent
On 7/14/05, Kent Yoder [EMAIL PROTECTED] wrote:
Hi, on RHEL4 ppc64 I am getting the same message while building both
0.9.7g and 0.9.8:
[EMAIL PROTECTED]
1. http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz
2.
http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz.pkcs7
[2] is supposed to be a detached signature for [1], how can this be
verified with an openssl command? I was able to extract the
Reinhard Haller wrote:
[EMAIL PROTECTED] 12.07.2005 21:44
Reinhard Haller wrote:
I want to create certificates with 2 subject alternative names:
email
employee-number
The emailAddress is not part of the subject distiguished name.
Perhaps you could apply my patch from ticket 1050.
That
I think I can help you with PC certs - I am having trouble with phone
certs though :(
openssl genrsa -out ca.key 1024 (or whatever size key you want) you can
also chose dsa or dsa1 etc
and
openssl req -new -x509 -key ca.key -out cacert.pem -config [the name of
the config file] - you can
Sorry, the last command shoud have a -outform DER added to it, if you
want your ca in der format.
Anyway, to create a ca is fairly similar to previous versions, the only
thing I have noticed (I am using windows) is that the perl stuff does
not work (but I did not put mcuh time into trying to
This is a follow on from my last post as the text lost its formatting.
How do I change the utc time of a certificate to a smaller format
(whilst creating a cert):
18082107Z - there are lots of zeros in this format, openssl
gives less.
There is never more than one way to
Hi Again.,
This is what I found from the log file you sent..is this pointing to the
same CA cert itcilo-ca.crt, I put it in ssl.crt ?
debug] ssl_engine_init.c(1112): CA certificate:
/C=IT/ST=Piemonte/L=Turin/O=ITCILO/OU=MIS/CN=ITCILO
CA/[EMAIL PROTECTED]
[Wed Jul 13 11:48:34 2005] [debug]
Hey can you try setting verify depth to Zero and not pointing to any CA cert
i.e SSLCACertificatePath pointing to null?
Thanks
--Gayathri
Hi Again.,
This is what I found from the log file you sent..is this pointing to the
same CA cert itcilo-ca.crt, I put it in ssl.crt ?
debug]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Michael Sierchio
Sent: Wednesday, July 13, 2005 1:26 PM
To: openssl-users@openssl.org
Subject: Re: Algorithm licensing
Ted Mittelstaedt wrote:
Actually, regardless of the cipher you use, unless you have
a
21 matches
Mail list logo
