Newbie questions ....

2004-09-10 Thread Steve Ankeny
I am designing a secure webserver for use in a small company. The connection must be secure. My plan is to use SSL/TLS and 'AuthConfig/htpasswd' to make the connections. I have reviewed various explanations of how to create my own Certificate Authority and how to create both server and client

Re: Newbie questions ....

2004-09-10 Thread Joseph Bruni
Hi Steve, Here are a couple books that helped me understand SSL and the X.509 security model: Network Security with OpenSSL, ISBN 059600270X Planning for PKI, ISBN 0471397024 Joe On Sep 10, 2004, at 1:17 PM, Steve Ankeny wrote: I am designing a secure webserver for use in a small company.  The

Re: Multiple attributes in PKCS#10

2004-09-10 Thread Dr. Stephen Henson
On Fri, Sep 10, 2004, Aleix Conchillo Flaque wrote: Hi, I've asn1parsed the request file. Displaying the request with MS certutil.exe utility, I thought that there were two extensionRequest attributes. But parsing the request, I've seen this: 455:d=4 hl=2 l= 10 prim: OBJECT

Best way to convert a DER-encoded DN?

2004-09-10 Thread Geoffrey Huang
Hi there, What's the best way to encode a DER-encoded DN string to human readable format? Thanks, -g

How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Herbert Skopnik V.
Hi everybody! I'm working in a project (transactional switch) which uses RSA encryption to encrypt part of the transaction data. I'm using RSA keys in DER format stored in a database and I need to convert this buffer to a RSA structure, without using files (which is the method I'm using

Re: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Joseph Bruni
The d2i_* functions will convert from DER-encoded things to Internal structures. The two you'll probably want are d2i_RSAPrivateKey() d2i_RSAPublicKey() On Sep 10, 2004, at 3:36 PM, Herbert Skopnik V. wrote: Hi everybody!   I'm working in a project (transactional switch) which uses RSA

Re: Best way to convert a DER-encoded DN?

2004-09-10 Thread Dr. Stephen Henson
On Fri, Sep 10, 2004, Geoffrey Huang wrote: Hi there, What's the best way to encode a DER-encoded DN string to human readable format? Convert from DER to X509_NAME structure using d2i_X509_NAME() then produce human readable version using X509_NAME_print_ex(). Steve. -- Dr Stephen N.

RE: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Herbert Skopnik V.
Joseph: Thanks for the answer, but I've used d2i_RSAPublicKey() and the application crashed with a segmentation fault. I'm using this piece of code: char buf[1024]; int len; RSA *PubKey; PubKey = d2i_RSAPublicKey(NULL, (const unsigned char **)buf, len); What's wrong? Best regards, Herbert

Re: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Joseph Bruni
It looks like len is uninitialized. I'm assuming you've populated the buf structure with the DER-encoded key from your database. You'll need to set len to be the length of the object retrieved from your database. For example: long len; unsigned char buf[1024]; RSA* pub_key; len =

Re: I got Geotrust CERT but have No Key (?)

2004-09-10 Thread Werner Johansson
Hmm, interesting! That means that they are actually in possession of your private key? Doesn't sound like the ideal solution to me. There are times when key recovery/key escrow procedures would demand a central repository of private keys, but in this case it seems a bit dangerous, or am I just

Re: Best way to convert a DER-encoded DN?

2004-09-10 Thread Geoffrey Huang
Great -- that's what I gleaned from the documentation, but I wanted to be sure. Thanks, -g Dr. Stephen Henson wrote: On Fri, Sep 10, 2004, Geoffrey Huang wrote: Hi there, What's the best way to encode a DER-encoded DN string to human readable format? Convert from DER to X509_NAME structure

RE: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Herbert Skopnik V.
Joseph and Rich: In the previous code I obviated the len initialization, but it was initialized; and I used what Rich said. The application did not crash, but I got this error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag I've not found any documentation about this error.

Re: I got Geotrust CERT but have No Key (?)

2004-09-10 Thread Dan Mahoney, System Admin
On Fri, 10 Sep 2004, Ryan Beisner (AE) wrote: https://www.geotrust.com/news_events/press/pr_reissues_083004.htm Well, apparently they only send the CERT, not the KEY. Now you have to log into their web site to retrieve the corresponding KEY. So, now you know if you ever get one via Bulkregister.

Re: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Joseph Bruni
I don't know what Rich said because it appears not to have been posted to the list. My only guess is that your database is having problems with binary data? What database are you using? On Sep 10, 2004, at 5:00 PM, Herbert Skopnik V. wrote: Joseph and Rich: In the previous code I obviated the

Re: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Dr. Stephen Henson
On Fri, Sep 10, 2004, Herbert Skopnik V. wrote: Joseph and Rich: In the previous code I obviated the len initialization, but it was initialized; and I used what Rich said. The application did not crash, but I got this error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong

Re: How to convert a buffer in DER format to a RSA structure?

2004-09-10 Thread Dr. Stephen Henson
On Fri, Sep 10, 2004, Herbert Skopnik V. wrote: Hi everybody! I'm working in a project (transactional switch) which uses RSA encryption to encrypt part of the transaction data. I'm using RSA keys in DER format stored in a database and I need to convert this buffer to a RSA structure,

PEM_write_X509

2004-09-10 Thread Paul Forgey
I'm writing a rather specialized application doing weird things with certificates. I'm able to retrieve certificates from an X509_LOOKUP object, verify them, sign other certificates with them, etc. But I can't write them to a PEM file. No error occurs if I try, but the result is a small