Look at openssl-*/apps/x509.c
Arun
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dallas Clement
Sent: Wednesday, June 02, 2010 9:50 AM
To: openssl-users@openssl.org
Subject: printing a certificate
Hi,
Would someone
Can anyone confirm if OpenSSL 1.0.0a is compatible with Visual Studio 2010?
-Chris
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
--- On Tue, 6/1/10, Dave Thompson dthomp...@prinpay.com wrote:
I think I found it, and it's an extension in the CA cert.
two-step with standard
config
used [usr_cert] extensions which has
basicConstraints=CA:false.
Right, I was wondering if that could be it...
The standard config file
Hi Dave,
Amazingly IE7 on testing likes even CA:false, which is crazy.
What store did the cert get put in? Was it the Trusted Root
Certification Authorities? If you let Windows automatically select the
store, it most likely went in Personal.
Jeff
On Tue, Jun 1, 2010 at 9:17 PM, Dave Thompson
Normally, when a certificate is to be valid for more than one
domain name, one name is in the CN field, and the others are in
the subjectAltName extension.
But look at the cert for https://www.ipmirror.com/;. It has
CN = admincms.ipmirror.com
CN = business.ipmirror.cn
CN =
Valid is whatever browser understands. As X.509 is/was related to LDAP,
then having multiple cn's in an entry is a no-no.
--
Konrads Smelkovs
Applied IT sorcery.
On Wed, Jun 2, 2010 at 5:23 AM, John Nagle na...@sitetruth.com wrote:
Normally, when a certificate is to be valid for more than
On Tue, Jun 01, 2010, Dallas Clement wrote:
Hi,
Would someone kindly tutor me on how to print out a certificate
programmatically? I know how to extract the common name, but was just
wondering if there is an API function to just print the whole thing in
human readable form?
X509
Hi,
How do I register the callback to download CRL for the SSL certificate.
Thanks,
Arun
On Thu, May 27, 2010 at 2:20 PM, Chuck Pareto chuckda...@gmail.com wrote:
Hi,
I'm still unsure as to the max length string I can use to encrypt. I'm using
the rsacrypto class in .net to encrypt.
I know I can't pass in a string that's 256 bytes long or greater because
there us an exception
Thanks gents!
On Wed, Jun 2, 2010 at 6:45 AM, Dr. Stephen Henson st...@openssl.org wrote:
On Tue, Jun 01, 2010, Dallas Clement wrote:
Hi,
Would someone kindly tutor me on how to print out a certificate
programmatically? I know how to extract the common name, but was just
wondering if
--- On Tue, 6/1/10, Dave Thompson dthomp...@prinpay.com wrote:
CN doesn't need to be hostname or domainname for a CA
cert.
Technically not required on entity cert either, but on WWW
most parties do want/like entity's CN to be domainname.
How does one issue a cert for multiple CN?
Suppose I
In order to be valid for the authentication of multiple DNS names an
X.509 certificate has to have them included in the subjAlternativeName
entry not in multiple CN entries in the subjectName. The latter
represents a single entity with potentially multiple CN entries, not
multiple entities each
-Original Message-
From: Vieri
--- On Tue, 6/1/10, Dave Thompson wrote:
CN doesn't need to be hostname or domainname for a CA
cert.
Technically not required on entity cert either, but on WWW
most parties do want/like entity's CN to be domainname.
How does one issue a cert
Hi Vieri,
How does one issue a cert for multiple CN?
Suppose I have just one HTTP server but it can be accessed
via multiple FQDN... I suppose I need to use subjectAltName?
Subject alternative name is one possibility. If you need a cert for
several hosts/hostnames belonging to the same
Hi,
I want to use HTTP POST request for connecting to the server..I checked with
the available sample programs but it all supports HTTP GET.
So my doubt is that Is it possible to send HTTP POST message using the
openSSL.
If yes?then how I can achieve that?
Thanks.
--
View this message in
Hi Jeff,
-Original Message-
From: Jeffrey Walton
Hi Vieri,
How does one issue a cert for multiple CN?
Suppose I have just one HTTP server but it can be accessed
via multiple FQDN... I suppose I need to use subjectAltName?
Subject alternative name is one possibility. If you
Hi Phillip,
I'm not sure what you mean by shouldn't be using public-key encryption,
why?
It seems like .Net sets up a nice class that is easily implemented, all I
need is the key and the exponent and I can encrypt and decrypt when needed.
I don't think I really have a choice about what to use, I
Hi Yogesh
Of course, yes !
SSL is completly independant of HTTP protocol.
HTTP GET and POST methods differ in the way of passing parameters.
On GET, parameter are passed in the URI as
URI?param=valueparam=value...param=value
On POST, parameters are passed in the same format
Hi
I use https post with any problem
you just need to format properly your https post string , and send the data
Regards
Luiz
Hi,
I want to use HTTP POST request for connecting to the server..I checked
with
the available sample programs but it all supports HTTP GET.
So my doubt is that
Hello,
I have OpenSSL installed on a Windows server, and a security vulnerability was
identified with v.0.9.8m, which I believe came with my Apache 2.2 installation.
Separate from Apache, I installed the v0.9.8n light binary version to generate
the key/cert files.
How can I uninstall v0.9.8m?
Hello,
Building dynamic library on HP-UX fails despite I explicitly specify
'shared' as Configure argument:
./Configure hpux64-ia64-cc -D_REENTRANT shared
Please advise.
Thank you,
Alona
http://www.opentext.com/2/email-signature-event
Hi all
I'm trying to write some code to secure credit cards in a PHP based website
using openssl. I want to generate the public / private keys using PHP. (This
bit is fine). Then encrypt the card number using PHP. (This is also fine as
I've tested that I can decrypt it again using PHP). But
John Nagle wrote:
Normally, when a certificate is to be valid for more than one
domain name, one name is in the CN field, and the others are in
the subjectAltName extension.
But look at the cert for https://www.ipmirror.com/;.
This might serve as an interesting example for the people
On 6/2/2010 11:08 AM, Alona Rossen wrote:
Building dynamic library on HP-UX fails despite I explicitly specify
‘shared’ as Configure argument:
./Configure hpux64-ia64-cc -D_REENTRANT shared
Why are you adding -D for _REENTRANT?
I did a very similar build last week, no such problems, would
On 6/2/2010 4:04 PM, Alona Rossen wrote:
This is a suggested configuration. -D stands for preprocessor define.
The reason I ask is that the entries in Configure should provide the
necessary defines, and if not, that is a bug. As it was 'suggested',
we'll just presume things are fine w/w-o it.
Chuck Pareto wrote:
I'm not sure what you mean by shouldn't be using public-key
encryption, why?
Because you don't understand its properties, so there's no way you can know
whether or not it meets your security requirements.
It seems like .Net sets up a nice class that is easily
26 matches
Mail list logo