Hello everybody
Is possible to set up openssl application for verify command in order to
checking all relevant CRLs in verification chain ?
Because I find that the CRL checking is exercised only at the lowest level,
that means 0 depth in verification level.
Thanks
--
View this message in
Kyle Hamilton wrote:
The ITU X.509v1? The X.509v3? The Internet Public Key Infrastructure
Certificate Profile? Perhaps the Attribute Certificate profile? Or the
Proxy Certificate profile? Or some other profile?
excerpt from the 2000 version. Since this is the one that I have online.
Hi,
I am using the examples from the O'Reilly book Network Security with
OpenSSL (X.509 section) to create a CSR, push a custom extension into
it and sign that CSR with a given private key. This - in general - works
OK, but when I want to use the resulting certificate chain (I have the
signing
Am Di, 8.05.2007, 21:48, schrieb Kyle Hamilton:
Randomness is randomness. However, the important thing is that the
randomness is not known, and the randomness cannot be retrieved.
If you're worried about passing the tests on a subset of the data,
take the subset that you're thinking of and
On Wed, May 09, 2007, Christopher Kunz wrote:
I wrote an extremely simple program to check what might be wrong with
the certificate stack and this seems to be the problem:
15939:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field
missing:tasn_dec.c:391:Field=d, Type=RSA
Dr. Stephen Henson schrieb:
Hmmm that error shouldn't be encountered when you load a certificate. It
suggests that you have an RSA private key but that it is in an invalid format.
I forgot to mention that openssl x509 -text -noout -in mycertchain.pem
does produce valid output, and seems to
On Wed, May 09, 2007, Christopher Kunz wrote:
Dr. Stephen Henson schrieb:
Hmmm that error shouldn't be encountered when you load a certificate. It
suggests that you have an RSA private key but that it is in an invalid
format.
I forgot to mention that openssl x509 -text -noout -in
Samuel what does that mean... if you live in NY i'll buy you dinner
On 5/9/07, Samuel Reed [EMAIL PROTECTED] wrote:
Is it worth something?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Michael Fedor
Sent: Wednesday, May 09, 2007 2:52 PM
To:
Michael Fedor wrote:
Thanks do you know who the list maintainer is.
I suspect that instructions for contacting the list maintainer could be had via
the [EMAIL PROTECTED] email listed in the trailer appended to all emails
sent via the list. Sending it a message containing a line that reads
On Wed 07-05-09 17:52, Michael Fedor wrote:
How can I delete any post that have my email address.
[EMAIL PROTECTED]
there is data that should not be out on the net
You may or may not be able to persuade the list maintainer to delete
your posts, but it won't do you much good. I have my own
Im cool
On 5/9/07, Keith Thompson [EMAIL PROTECTED] wrote:
On Wed 07-05-09 17:52, Michael Fedor wrote:
How can I delete any post that have my email address.
[EMAIL PROTECTED]
there is data that should not be out on the net
You may or may not be able to persuade the list maintainer to delete
If you're talking about the cert and session key you posted, anyone can
get
the cert from the server and the master key is useless.
DS
__
OpenSSL Project http://www.openssl.org
12 matches
Mail list logo