Hello,
I tried with openssl s_client but i cant get any OpenSSL version
information back. Is there some easy ways of determine if the remote
service is vulnerable or can you ensure that the versions which is
older than 0.9.6k or 0.9.7c are not vulnerable.
SSL server do not send back version
Hello,
Thanks for the tip. But I still can't sign a Certificate Request.
opensssl first asked for dir serial. I mkdir'd it, then it complains about
not being able to load a serial number.
jfd
This looks like not properly setup CA infrastructure.
Look at CA.pl script (man CA.pl) to get some
There is aexmple implemtation of usage ofbio_pairs in ssltest.c file includedwith the ssl distribution. This should give you a goodidea about how to use them properly.I too took that sameimplemetion from ssltest.cand wrapedit ina class for my IOCP serverwithout too much of a trouble.
Regards,
On Mon, Jan 29, 2007 at 04:53:50PM -0500, Victor Duchovni wrote:
Sun builds libcrypto with AES128 support, but without AES256 support.
And attempts to paper-over the problem with a custom DEFAULT cipherlist,
(but COMPLEMENTOFDEFAULT is wrong, and ALL and HIGH are not usable).
When ALL is
Hello all,
I am doing, in C language, a SSL client with openSSL 0.9.7g
I have multiple clients (about 10) using the same SSL_CTX and connecting
to 2 different servers. (5 clients on each for example).
I wonder how SSL_get_session, SSL_set_session ans SSL_SESSION_free have
to be used there.
Terry
I ran into same problem a while ago. I had a blocking server, waiting
for client to connect. I had non-blocking client connected to server, It
never pass SSL_connect(). I changed non-blocking to blocking I/O BEFORE
I called SSL_connect(). It worked fined. It seem to me you need to using
hello Thao
Thank you for trying but no, this does not help.
If you want to build a single threaded scalable server using nonblocking
i/o, you need to use exclusively nonblocking i/o. You can't conveniently
block on one connection while it sorts itself out, as you put the other
connections
Terry
On the client side, I convert back from blocking socket to n0n-blocking
socket after successfully calling SSL_connect. On the server side, I
call accept(). After accept return socket, put ssl on this socket, then
call SSL_accept(). If SSL_accept() successes, spin off a thread to
handle this
Greetings everyone:
We're using OpenSSL for TLS client/server authentication, implement
via EAP-FAST protocol.
We are seeing odd output when doing the tunnel establishment
phase( tls full client side auth handshake) on the client side.
Details are:
a. we set the ciphersuite to
On Tue, Jan 30, 2007, Dinh, Thao V CIV NSWCDD, K72 wrote:
Terry
I ran into same problem a while ago. I had a blocking server, waiting
for client to connect. I had non-blocking client connected to server, It
never pass SSL_connect(). I changed non-blocking to blocking I/O BEFORE
I called
Hi,
sorry, please let me ask this question:
The ASCII files OpenSSL produces all look like
BEGIN CERTIFICATE
...
END CERTIFICATE
Is the number of dashes reliably 4? And what is the name
of this file format?
A customer asks me to send the certificate without these
surrounding
Hi,
sorry, please let me ask this question:
The ASCII files OpenSSL produces all look like
BEGIN CERTIFICATE
...
END CERTIFICATE
Is the number of dashes reliably 4? And what is the name
of this file format?
Yes. PEM.
DS
I have what I hope to be a relatively simple question regarding
SSL_read/write/etc operations on nonblocking sockets, and the errors
they return. I would like to preface this by saying that I have spent
hours scouring google and also searching the archives and I haven't
really found an answer,
On Tue, Jan 30, 2007 at 10:24:21AM -0500, Victor Duchovni wrote:
Is this the right forum? I want to make that Postfix 2.4 is still correct
when OpenSSL 0.9.9 is released, and I am reluctant to augment the AES-256
work-around with a Camellia-256 work-around, ... I am looking for a more
14 matches
Mail list logo