Hi,
Thanks for the input guys, however the 15 second pause exists even if i
explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
httpd.conf and my server is operating on an internal network in a company so
although i cant say for sure i doubt there is much IPV6 stuff around.
On Tuesday 26 Apr 2011 19:35:48 Mounir IDRASSI wrote:
Hi James,
I got the the correct certificate chain from my Windows 7 box. Microsoft
tends to update its trusted CA certificates store more quickly and
regularly than Mozilla or Linux distros: the latest update was last
month on March 23rd
Hi all,
I've been looking for a way to bind the openssl s_client command line
tool to a certain outgoing IP on a multi-IP host and all I've found was
a thread on how to do that using the library:
http://marc.info/?l=openssl-usersm=127166957110771w=2
Is there maybe some obscure bind option the
Hi,
Just to test if my slowness is SSL or DNS/Network related i switched the server
in http mode and got the guys to re-connect. Connection times are now
sub-second. So my slowness is definatly https / SSL related.
I guess that does not 100% rule out DNS/Network stuff, as SSL could be doing
* Matthew Fletcher, Wednesday, April 27, 2011 12:40 PM
I guess that does not 100% rule out DNS/Network stuff, as SSL
could be doing extra network lookups.
Are there any more SSL diagnostics i can enable to try and
pinpoint the problem ?
maybe checking with strace -ttt -p ... which
Matthew Fletcher wrote:
Hi,
Thanks for the input guys, however the 15 second pause exists even if i
explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
httpd.conf and my server is operating on an internal network in a company so
although i cant say for sure i doubt there is
Dear OpenSSL Community,
I am a new user of OpenSSL and have a pretty simple question. I'm
trying to create a self-signed certificate and so far has done the
following.
Step 1)openssl genrsa -des3 -out server1.key 1024
Step 2)This asked for a password and I made a password asdf
Step 3)
Hi,
I need to compile OpenSSL only with support for Symmetric encryption - only
3DES support. How I can remove all unneeded stuff? Can you give an advice what
to remove and how to remove it?
Regards
Peter
Hi,
Thanks for the input guys, however the 15 second pause exists even if i
explicitly disable reverse lookups in apache 'Hostnamelookups Off' in
httpd.conf and my server is operating on an internal network in a company so
although i cant say for sure i doubt there is much IPV6 stuff
I am creating a self signed x509 certificate using code based on the
mkcert.c sample code included in the OpenSSL demo sources. I need to
set the algorithm to sha256WithRSAEncryption and I cannot figure out
how to do this with the APIs. I always end up with
sha1WithRSAEncryption. Am I trying to do
On 04/27/11 12:39 PM, derleader mail wrote:
Hi,
I need to compile OpenSSL only with support for Symmetric
encryption - only 3DES support. How I can remove all unneeded stuff?
Can you give an advice what to remove and how to remove it?
I suppose one approach would be to run a test suite
Hi,
I need to compile OpenSSL only with support for Symmetric
encryption - only 3DES support. How I can remove all unneeded stuff?
Can you give an advice what to remove and how to remove it?
I suppose one approach would be to run a test suite that does just what
you need (and
I suspect client behavior is incorrect. It could have to do with 1.1
HTTP, especially if client is PHP (because of 100 continue
problems). There are several other documented delays including a 15
second default keep alive. There is also a cURL problem that can
cause this on the client side.
Thanks for the response, using -sha384 appears to be working and
verifies correctly.
Mike
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Sunday, April 24, 2011 4:17 AM
To: openssl-users@openssl.org
Hi,
Have you tried changing this
if (!X509_sign(x,pk,EVP_sha1()))
to
if (!X509_sign(x,pk,EVP_sha256()))
On Thu, Apr 28, 2011 at 4:13 AM, Mike Markley m...@buddytv.com wrote:
I am creating a self signed x509 certificate using code based on the
mkcert.c sample code included
That did it! Thank you, I'm neck deep into code that I don't fully
understand, I greatly appreciate the help.
Mike
On Wed, Apr 27, 2011 at 3:54 PM, re est re.est1...@gmail.com wrote:
Hi,
Have you tried changing this
if (!X509_sign(x,pk,EVP_sha1()))
to
if
16 matches
Mail list logo