Warrick FitzGerald wrote:
Is there somewhere that you can download a package of all currently
trusted CA's. I know this is a very broad question, as who defines who
the trusted ones are.
I was just thinking that since vendors like $MS have a list of standard
trusted CA's, that the
On Wed, Nov 09, 2005, Steffen Fiksdal wrote:
I am investigating, and will come back when I find out what happens.
OK, I'd suggest placing a couple of calls in the rsa_pk1.c file which dumps
out the public key and the block it is attempting to decrypt.
Then see if the public/key and/or
On Wed, Nov 09, 2005 at 03:27:18PM +, Katie Lucas wrote:
When I read the requests subject, I get a non-null pointer. Which
crashes any of the X509 name functions I pass it to..
*sigh*
Ok, we have found this. Apparently, we have multiple versions of
openssl in various places on this
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
I have investigated some more on this issue.
I have traced the problem down to the MONT_HELPER call int the
RSA_eay_public_decrypt function in file rsa_eay.c.
If I mutex this call everything works fine, if I don't the verifications
failes in a
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
I have investigated some more on this issue.
I have traced the problem down to the MONT_HELPER call int the
RSA_eay_public_decrypt function in file rsa_eay.c.
If I mutex this call everything works fine, if I don't the verifications
failes in a few
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
I have investigated some more on this issue.
I have traced the problem down to the MONT_HELPER call int the
RSA_eay_public_decrypt function in file rsa_eay.c.
If I mutex this call everything works
Hi list,
When my client (0.9.8a) tries to connect (SSL_connect) to an openssl
s_server(0.9.7g) (openssl s_server -cert server_cert.pem -key
server_priv_key.pem), the server crashes:
gethostbyname failure
0 items in the session cache
0 client connects (SSL_connect())
0 client
On 2005.11.09 at 20:50:39 -0500, Victor Duchovni wrote:
On Wed, Nov 09, 2005 at 08:38:02PM -0500, Warrick FitzGerald wrote:
Hi Guys,
I'm trying to test a connection to a TLS enabled SMTP server. Is it
possible to use use OpenSSL to setup the TLS sessison and then interact
with the
I have forgotten one thing, the call to SSL_connect() returns "-1", and
SSL_get_error() returns SSL_ERROR_SYSCALL.
The error string is empty and errno is NULL.
Alexis Lefort wrote:
Hi list,
When my client (0.9.8a) tries to connect (SSL_connect) to an "openssl
s_server"(0.9.7g)
Title: Why is it necessary to specify --no-krb5 when installing?
I am trying to install openssl for use with openldap.
My install lines for openssl are as follows: version is 0.9.8a
./config shared --prefix=/usr/local --openssldir=/usr/local/openssl
make clean; make; make install
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
I have investigated some more on this issue.
I have traced the problem down to the MONT_HELPER call int the
RSA_eay_public_decrypt function in file rsa_eay.c.
If I mutex this call everything works
Joe Orton, from the mod_ssl list, submitted this perl script.
His original post:
http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
Works Great!
#!/usr/bin/perl -w
#
# Used to regenerate ca-bundle.crt from the Mozilla certdata.txt.
# Run as ./mkcabundle.pl ca-bundle.crt
#
my
Hi Warrick,
For sendmail verify TLS: openssl s_client -starttls
smtp -showcerts -connect MTA.FQDN:25
~R.Gordey
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Warrick FitzGerald
Sent: Wednesday, November 09, 2005
8:38 PM
To: openssl-users@openssl.org
I tried your suggestion to set only
X509_V_FLAG_CRL_CHECK, but unfortunately it did not
help. Attempting to connect to ANY secure server
still causes the same unable to get certificate CRL
error.
I know that the CRL is loaded successfully, because I
can later extract it from the SSL_CTX and
Title: krb5.h referenced when no-krb5 specified on config
Trouble installing openldap with openssl.
krb5.h is referenced from ssl.h even when
no-krb5 specified on call to config.
ssl.h contains:
#include openssl/kssl.h
kssl.h contains:
#include krb5.h --- this file missing
I
On Thu, Nov 10, 2005, david kine wrote:
I tried your suggestion to set only
X509_V_FLAG_CRL_CHECK, but unfortunately it did not
help. Attempting to connect to ANY secure server
still causes the same unable to get certificate CRL
error.
I know that the CRL is loaded successfully, because
On Thu, Nov 10, 2005, Steffen Fiksdal wrote:
I have tried to get this error on my other linux box, a uniprocessor non
SMP Linux kernel, without luck.
So I experience the error in a few occations on the SMP kernel, but not on
the uniprocessor non SMP Linux kernel.
When I mutex the
Okay, I solved this problem in a very unexpected way.
First of all, I was using s_server incorrectly. I
neglected to add -CAfile. Doing so caused my
application to get the error 23: certificate revoked
as expected.
However, accessing servers which were NOT revoked
still produced the error 3:
On Thu, Nov 10, 2005, david kine wrote:
Okay, I solved this problem in a very unexpected way.
First of all, I was using s_server incorrectly. I
neglected to add -CAfile. Doing so caused my
application to get the error 23: certificate revoked
as expected.
However, accessing servers
19 matches
Mail list logo