Hello,
I'm stress-testing a server. My client creates multiple, concurrent,
asynchron socket connections (single thread).
All connections use the same CTX. After successfull ssl handshake
I get the reference of a session by SSL_get1_Session(), connections
try to reuse that session thru
Hello,
I'm would like to generate a key pair using the
openssl command line utilities and store them in
files. The private key will be used by a Java program
that will do the signing. The public key will be used
by a C++ program (using openssl lib) to do the
verification.
I am having trouble
hello,
In my code I have a normal socket and I am using SSL_set_fd to turn it
into an SSL socket. After I have make it an SSL socket I no longer need
or want to the original socket. I have tried closing it after the
SSL_set_fd but this make the SSL socket no good.
What I want is to have
The SSL socket and the raw socket are not two different physical
descriptors. By using SSL_set_fd you are merely associating the file
descriptor with the higher level SSL protocol. SSL needs the physical socket
you created to do its own I/O on.
My application (previously non-SSL enabled, we
sounds good I will try that thanks,
Perry
mclellan, dave wrote:
The SSL socket and the raw socket are not two different physical
descriptors. By using SSL_set_fd you are merely associating the file
descriptor with the higher level SSL protocol. SSL needs the physical socket
you created to do
On Fri, Nov 18, 2005, Robin Hughes wrote:
Am I misunderstanding something about the
compatibility of -outform DER with
d2i_RSAPublicKey??
Yes, the formats are incompatible. You need d2i_RSA_PUBKEY() instead.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
Greetings,
We are using OpenSSL
with OpenOSP to set up a CA and getting following error. Would greatly
appreciate if you can throw some pointers :
22:57:56.499 01
ccmldap.c ccm_lookup_ldap_by_subje 0224 Checking for CA certificate
first22:57:56.499 01 ccmldap.c ccm_lookup_ldap_by_subje
Hi Ted,
Thanks for the info!
*BobL*
| -Original Message-
| From: [EMAIL PROTECTED]
| [mailto:[EMAIL PROTECTED] Behalf Of
| Bernhard Froehlich
| Sent: Thursday, November 17, 2005 12:51 PM
| To: openssl-users@openssl.org
| Subject: Re: Disabling Weak Encryption
|
|
Greetings,
We are using OpenSSL
with OpenOSP to set up a CA and getting following error while initializing the OSP
server.
Wewould greatly appreciate if you can
throw some pointers :
22:57:56.499 01
ccmldap.c ccm_lookup_ldap_by_subje 0224 Checking for CA certificate
first22:57:56.499 01
We'd like to tie all of our certificates to a unique identifier in a
DB... is there an attribute out there, perhaps in the PKIX extensions or
x509v3 extensions or somewhere else that would be a reasonable place for
this?
Thanks,
--
Phil Dibowitz
P: 310-360-2330 C: 213-923-5115
Unix Admin,
Issuer DN and serial number are unique. In practice you'll need
to consider whether you'll be dealing with anyone other than
competent CAs (organizations and individuals). openssl ca is
great but it's trivial to produce multiple certs with the same
issuer DN and serial number.
Bear
Phil
Bear Giles wrote:
Issuer DN and serial number are unique.
Yes, but we have a central identity system that uses GUIDs to ...
everything. We want to do it for cerificates as well. We want said GUID
to be in the certificate.
Serial number is typically used for renewals, I don't want to step on
12 matches
Mail list logo