RE: Can I be my own CA?

On Mon, 4 Feb 2002 17:20:06 -0500, bjw wrote: >I am trying to provide private company sensitive information to our >"off-site" technicians and sales people. The information is to be presented >via http (preferably https) to simplify the access and to keep it private. >It's nothing secrete but n

Re: Memory leak

Check the archives. There used to be some known but harmless memory leaks, and maybe a few less than obvious calls (like ERR_free_strings(), ERR_remove_state(0), EVP_cleanup()) you need to make to free some memory that gets magically allocated. == Greg Stark [EMAIL PROTECTED]

RE: Can I be my own CA?

Check www.linuxdoc.org for the SSL HOWTO... Franck Martin Network and Database Development Officer SOPAC South Pacific Applied Geoscience Commission Fiji E-mail: [EMAIL PROTECTED] Web site: http://www.sopac.org/ Support FMaps: http://fmaps.sourc

Re: Can I be my own CA?

You're doing it exactly right, and using a private CA for good reasons. Your initial post failed to explain that it was for a private enterprise use. You can pre-load your CA into your company browsers as part of installing their PC's. Details depend on browser; a floppy or CDROM with the

RE: Can I be my own CA?

I'm sorry if I posted to the wrong mail list... I know you provide help for open ssl and not CA help, but after four days of searching the web (I'm new to ssl) I felt you site was my best option. First, I fully agree with you!!! For public transaction a common trust is imperative!!! I should hav

RE: Memory leak

Try calling the following at shutdown: ERR_remove_state(0); ERR_free_strings(); EVP_cleanup(); Steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Frazor Sent: Tuesday, 5 February 2002 2:21 AM To: [EMAIL PROTECTED] Subjec

Re: Can I be my own CA?

On Mon, 4 Feb 2002 12:58:53 -0500, bjw wrote: >Hi again, > >I have a second question... > >Can I host my own CA. Say on a Linux box (I think I can do it on NT, but I'd >rather not!) > >What are the draw backs to being my own CA (if it can be done) I am not >currently providing e-commerce but I w

RE: Connection hangs when using SSL

Title: Connection hangs when using SSL I have the following and it works for me on win2kPro with Apache 1.3.22 and latest mod_ssl   SSLCertificateKeyFile c:\certs\server.key SSLCertificateFile    c:\certs\server.crtSSLPassPhraseDialog   builtin SSLVerifyClient   require SSLVerifyDepth   2

RE: Connection hangs when using SSL

Title: Connection hangs when using SSL Is your SSL Server key passphrase protected? -Original Message-From: Ken Tune [mailto:[EMAIL PROTECTED]]Sent: Monday, February 04, 2002 9:10 AMTo: '[EMAIL PROTECTED]'Subject: Connection hangs when using SSL I'm trying to get Apache up

Re: Can I be my own CA?

You can do it on a linux box and the only drawback that I can think of is that people will simply need to accept your certificate. If you check out equifax I think you will find that they also are a CA and you may want to check around for alternatives to Verisign. On Mon, Feb 04, 2002 at

Connection hangs when using SSL

Title: Connection hangs when using SSL I'm trying to get Apache up and running on WinNT, with SSL I'm using Apache/1.3.19 (Win32) mod_ssl/2.8.3 OpenSSL/0.9.6a My Apache config is as follows ... SSLMutex sem SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache

Re: Can a certificate be created using just the domain name

Hi, What you are loking for is a Wildcard Certificate ! *.domain.com You can take a look at http://www.thawte.com/getinfo/products/wildcard/overview.html Good Luck ! At 12:50 PM CN=21553.OU=Pa02LõŠ -0500, you wrote: >Hi, > >I'm new to ssl and was hoping someone could answer this question. >

Can I be my own CA?

Hi again, I have a second question... Can I host my own CA. Say on a Linux box (I think I can do it on NT, but I'd rather not!) What are the draw backs to being my own CA (if it can be done) I am not currently providing e-commerce but I would like to have my web based data encrypted, but don't

Can a certificate be created using just the domain name

Hi, I'm new to ssl and was hoping someone could answer this question. I would like to create a ssl certificate based on the domain name (mysite.com) rather then the FQDN (www.mysite.com). What I would like to do is have the same cert for: www.mysite.com myproject.mysite.com hisproject.mysite.co

Re: Problem with SSL_connect

On Mon, Feb 04, 2002 at 12:36:39PM -, vemulapati narasimha reddy wrote: > Hi All, > > I have problem with the "SSL_connect" Api call , when server(my machine) trying get >the certificates from client the following error is coming.. > > "SSL server handshake error:SSL3_GET_CLIENT_CERTIFICATE

RE: Problem encountered while generating a server private key. Help!!

I have found the solution. Please ignore this question. Thank you everyone. Wen Tu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wen Tu Sent: Friday, February 01, 2002 3:19 PM To: [EMAIL PROTECTED] Subject: Problem encountered while generating a server

Cipher strengths...

Is there a way by using openssl and s_client to tell if a connection is a 128 bit or 40 bit connection? I'm wanting to force a 40 bit connection and know that it is definitely a 40 bit connection on a 128 bit certificate... Also, if I was to try this with a Global Site Verisign cert, would I be a

Problem with SSL_connect

Hi All, I have problem with the "SSL_connect" Api call , when server(my machine) trying get the certificates from client the following error is coming.. "SSL server handshake error:SSL3_GET_CLIENT_CERTIFICATE: no certificate returned" Is it a problem with client? Or Problem with mine. and

RE: Memory leak

I have also noticed a leak under Windows/32 using 9.6a. I have started the task of locating the source of the leak. My memory "tester" says it is OpenSSL. I have done everything I can to insure that everything is closed and freed. The best I can get is down to a 4K leak. I'm not convicned it

Memory leak

Hi. First time using this, we'll see if the question is "old". Anyway, we are using open ssl in a project at Ericsson. In an application there is a socket layer encapculating the ssl functionallity. Using these sockets works fine. Unfortunately, I have discovered a memory leak when using these s

Reduce code size

Hi. I am a newbie to openssl and I would like to implement simple HTTPS server. I used "./config no-rc5 no-idea ..." to remove I didn't need cipher suites. However,the openssl code size is too big for me. Have a good method to reduce code size? For example,I don't need functions of client sid

SSL Alert(21)

Hello folks, I am debugging a wierd problem with netscape and an SSL enabled web server. Does anyone have any information on what SSL Alert 21 means? I looked this up, and all I can find is "decryption failed". I am curious what causes this and how I can further debug the issue. Thanks for any t