Exchange 2003 and SSL23_GET_SERVER_HELLO

2009-07-10 Thread GravyFace
Hello all, Trying to connect to an Exchange 2003 SP2 Virtual SMTP Server with s_client but get the following (OpenSSL 0.9.8g): openssl s_client -connect mail.somehost.com:587 -state CONNECTED(0003) SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect

Re: Certificate with custom fields

2009-07-10 Thread Patrick Patterson
Akos Vandra wrote: > Thank you, this was much more helpful. > > 2009/7/10 Victor Duchovni : >> On Fri, Jul 10, 2009 at 11:11:48PM +0200, Akos Vandra wrote: >> The parties involved here are not connected to the internet, and thus don't have any access to a (this is an embedded project),

Re: Certificate with custom fields

2009-07-10 Thread Victor Duchovni
On Fri, Jul 10, 2009 at 11:50:33PM +0200, Akos Vandra wrote: > > If the subject participates in a protocol in which the certificate > > authenticates its private key, generally a unique identifier for > > each subject is sufficient to support per-subject ACLs, ... > > > > If this is something akin

Re: Certificate with custom fields

2009-07-10 Thread Akos Vandra
Thank you, this was much more helpful. 2009/7/10 Victor Duchovni : > On Fri, Jul 10, 2009 at 11:11:48PM +0200, Akos Vandra wrote: > >> > The parties involved here are not connected to the internet, and thus >> > don't have any access to a  (this is an embedded project), and they >> > must confirm

Re: Certificate with custom fields

2009-07-10 Thread Victor Duchovni
On Fri, Jul 10, 2009 at 11:11:48PM +0200, Akos Vandra wrote: > > The parties involved here are not connected to the internet, and thus > > don't have any access to a  (this is an embedded project), and they > > must confirm each other's identity based on the CA-signed certificates. Well, my addres

Re: Certificate with custom fields

2009-07-10 Thread Peter Sylvester
Victor Duchovni wrote: On Fri, Jul 10, 2009 at 10:04:45PM +0200, Akos Vandra wrote: Hello! I need to issue a few certificates with custom fields, with the customers more thoroughly identified, including Full name, Address, Telephone number, blablabla, and even a picture of the poor guy.

Re: Certificate with custom fields

2009-07-10 Thread Akos Vandra
to a central database, that is 2009/7/10 Akos Vandra : > Before just criticizing anything without any arguments whatsoever, > just stating that something is wrong, please think for a while. > Critiques are very important too, but if you do decide to criticize > something, make it useful. > > T

Re: Certificate with custom fields

2009-07-10 Thread Akos Vandra
Before just criticizing anything without any arguments whatsoever, just stating that something is wrong, please think for a while. Critiques are very important too, but if you do decide to criticize something, make it useful. The parties involved here are not connected to the internet, and thus do

RE: " unable to get local issuer certificate" & certificate not trusted errors

2009-07-10 Thread Agopian, Carlo
Thank you, the certificate was verified as valid. As far as the CAPATH command, is it literally called "CAPATH"? because I couldn't find any reference to it in the openssl documentation. Carlo -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.

Re: Certificate with custom fields

2009-07-10 Thread Victor Duchovni
On Fri, Jul 10, 2009 at 10:04:45PM +0200, Akos Vandra wrote: > Hello! > > I need to issue a few certificates with custom fields, with the > customers more thoroughly identified, including Full name, Address, > Telephone number, blablabla, and even a picture of the poor guy. A certificate is not

Certificate with custom fields

2009-07-10 Thread Akos Vandra
Hello! I need to issue a few certificates with custom fields, with the customers more thoroughly identified, including Full name, Address, Telephone number, blablabla, and even a picture of the poor guy. Can this be done with one of the standards which uses openssl, or would I have to make one of

Re: trying to replicate ECC signing with openssl

2009-07-10 Thread Bruce Stephens
Mike Frysinger writes: [...] > ive been trying to figure out exactly how to invoke openssl to get the > equivalent behavior. It's beyond me, I'm afraid. But a couple of things do suggest themselves... [...] > i'm creating the parameters file with: > openssl ecparam -name sect163k1 -rand -p

trying to replicate ECC signing with openssl

2009-07-10 Thread Mike Frysinger
i was given a small "ecsign.exe" program that takes some ECC parameters, the private key, a random number, and outputs a signature of the specified binary. i'm trying to ditch this program in favor of the openssl suite (for obvious practical reasons). for example, the parameters file looks lik

Re: Certificate Verification: Error (7): certificate signature failure

2009-07-10 Thread Jon Schmidt
To close out this issue in the hopes that this will be of use to someone in the future, Dr. Henson greatly helped in tracking the problem down to a PHP extension that was calling EVP_cleanup(). "When you have a shared library using OpenSSL and multiple applications things like algorithm tables

questions regarding certificate chains

2009-07-10 Thread Koutikas, Elias
Hello everyone! I have a couple of questions regarding certificate chains that I hope can be answered. The certificate chain goes something like this: root CA -> subordinate CA -> endpoint. 1) Must each endpoint have access to the root CA certificate in order to establish client TLS connectio

trying to replicate ECC signing with openssl

2009-07-10 Thread Mike Frysinger
i was given a small "ecsign.exe" program that takes some ECC parameters, the private key, a random number, and outputs a signature of the specified binary. i'm trying to ditch this program in favor of the openssl suite (for obvious practical reasons). for example, the parameters file looks like (

AW: Decoding OCSP response data: ASN1_D2I_READ_BIO:not enough data

2009-07-10 Thread Natanael Mignon - michael-wessel . de
Dear list, another update - we got it. [Fri Jul 10 10:28:39 2009] [error] [client 172.30.64.154] MWDE/nm: OCSP response line unstripped: HTTP/1.1 200 OK [Fri Jul 10 10:28:39 2009] [debug] ssl_util_ocsp.c(217): [client 172.30.64.154] OCSP response header: Date: Fri, 10 Jul 2009 09:29:06 GMT [Fri

AW: Decoding OCSP response data: ASN1_D2I_READ_BIO:not enough data

2009-07-10 Thread Natanael Mignon - michael-wessel . de
Updated details. If we do compare the two requests (one failing because of "not enough data", one working fine), there are obvious differences in receiving the response. Working fine: [Tue Jul 07 14:32:24 2009] [debug] ssl_util_ocsp.c(104): [client 10.200.48.140] sending request to OCSP respond