Script started on Mon Jul 13 09:31:31 2015
doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150713$ make test
testing...
(cd ..; make build_libcrypto)
making all in crypto...
ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o
ebcdic.o uid.o o_time.o o_str.o
Hi All,
Please let me know what is the compatible openssl-fips package for the
0.9.8zg version.
When i try with with openssl-1_2_4, I am getting the below error
bash 3.2:90gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m32 -DL_ENDIAN
On Mon, Jul 13, 2015 at 01:03:09PM -0400, Colin Edwards wrote:
I've been reading/hearing different opinions on the recent vulnerability
for cert chain forging that was patched (CVE-2015-1793).
Some people are saying the vulnerability only exists if a system is using
certificate-based client
On 13/07/2015 12:22, Victor Wagner wrote:
On Mon, 13 Jul 2015 12:25:40 +0530
Nayna Jain naynj...@in.ibm.com wrote:
Hi all,
I am programmatically generating the self signed certificate and need
to specify the Not Before and Not After date,
Wanted to understand what all formats are acceptable
On Tue, Jul 14, 2015 at 01:23:52PM -0400, Colin Edwards wrote:
Thank you, Kurt. The information I was getting (from some sources) was that
the vulnerability was only present in configurations where the server was
authenticating a client certificate. The fact is, the vulnerability applies
to
(continuing top posting to keep thread consistent)
Note that the point of using an X.509 signature at file creation time
and/or client approval time was to reuse the internal file structure
that is already designed to hold that particular signature format
(specifically, the internal file
This is important when creating root certs with expiry dates after 2038
Not an issue for openssl. As long as you use ASN1_TIME values, it's okay.
Might be an issue if converting to time_t on 32-bit platforms.
___
openssl-users mailing list
To
if ASN1_TINE_set_string() avoids that limitation, despite Victor's suggestion
to never use it.
It does avoid the limitation, using only |struct tm| to hold parsed fields, and
not building a |time_t| from it. Not sure why Viktor doesn't like it. It seems
to me it's the only portable thing to
I am doing some tests using OpenSSL command line utility 'openssl'. My tests
show regarding to the performance of executable ‘openssl’ there is no
difference between 1.0.1p and 1.0.2d.
Here is the test results.
ksol1% ./1.0.1p/shared64bit/openssl/bin/openssl speed -evp aes-128-cbc
WARNING:
On 14/07/2015 21:50, Salz, Rich wrote:
This is important when creating root certs with expiry dates after 2038
Not an issue for openssl. As long as you use ASN1_TIME values, it's okay.
Might be an issue if converting to time_t on 32-bit platforms.
Victor suggested to use only ASN1_TIME_set()
Hello,
I¹ve made several attempts to compile various versions of OpenSSL, the
latest being 1.0.2d for Win32. Although many attempts to compile have been
successful and the dlls (and .exe) usable, I have not been able to
successfully disable SSLv3.
I attempted on a Windows 7 box using VC 2010, I
Some additional information here. When testing the default openssl installed
in /usr/bin/ on Solaris 11, I saw a much better result below. Hence I
believe OpenSSL utility 'openssl' built by me does not use the hardware
crypto accelerators at all.
Anyone knows the reason?
Thanks,
Aaron
ksol1%
Hi Jacob,
I have used openssl-fips-1_2_4 with openssl 0.9.8zf and not found any
issue. For my environment, just I upgraded my openssl version from 0.9.8zf
to zg.
Thanks,
Gayathri
On Wed, Jul 15, 2015 at 12:36 AM, Jakob Bohm jb-open...@wisemo.com wrote:
On 14/07/2015 12:35, Gayathri Manoj
Hello OpenSSL folks,
I noticed that the OpenSSL command line utility 'openssl' built in Solaris
11.1 does not use SunSPARC crypto accelerators.
From the change log of OpenSSL 1.0.2, I saw the following description.
Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
...
*) Support for SPARC
On 14/07/2015 12:35, Gayathri Manoj wrote:
Hi All,
Please let me know what is the compatible openssl-fips package for the
0.9.8zg version.
As far as I know you need to use the file
http://www.openssl.org/source/openssl-fips-1.2.4.tar.gz
with the specific HMAC checksum specified in the
Thank you, Kurt. The information I was getting (from some sources) was that
the vulnerability was only present in configurations where the server was
authenticating a client certificate. The fact is, the vulnerability applies
to certificate validation regardless of if it's on the client or
16 matches
Mail list logo