Hi Steve,
I'm afraid that's not possible out of security reasons.
Regards
Andi
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Monday, January 18, 2010 5:09 PM
To: openssl-users@openssl.org
Subject:
On Tue, Jan 19, 2010, Muehlbauer, Andreas wrote:
I'm afraid that's not possible out of security reasons.
I'm not sure what security reasons you would have. The CSR only contains the
details you put in it and will appear in a public certificate anyway which
will be err public.
If you don't
Michael D wrote on Tue, 12 Jan 2010 06:01:23 -0800
(but some of my mail got lost or dropped for some
reason and I only later found in mail-archive)
(and majordomo 'which' is either broken
or deceptive, which didn't help matters!)
Dave,
I think I have been getting ahead of myself and need to do
Dear Sir or Madam,
I am trying to compile openssl-fips-1.1.2.tar.gz on a Windows XP desktop
according to the User Guide 1.2 for the FIPS module. The first step is run
ms/do_fips.bat.
That file does not exist in this tar ball. When I use the do_fips.bat from
the OpenSSL-0.9.8j tar ball,
* Kyle Hamilton wrote on Thu, Jan 14, 2010 at 15:50 -0800:
On Wed, Jan 13, 2010 at 5:58 AM, Steffen DETTMER wrote:
There is currently no way for even an ideal TLS implementation to
detect this issue.
[...]
Yes. Please see SSL_CTX_set_info_callback(3ssl).
hum, now I'm confused, I
Hi All,
I am developing an NTPV4 client/server as per NTPV4 standards. We tried our
client application with 'Meinberg NTPV4 4.2.4p7' server and found it to be
working fine with MD5 hashing. But viz.. is not working (our server application
is not working with the 'Meinberg NTPV4 4.2.4p7'
Thankyou all...Your comments helped a lot and I have managed to get my CA
running perfectly..
Thanks!
Anton
2010/1/12 Patrick Patterson ppatter...@carillon.ca
Ok - several things:
1: Does the certificate contain both an email address, and EKU of
emailProtection?
2: Did you import the CA
On Tue, Jan 19, 2010 at 07:43:34PM +0530, Emmanuel, Mathews IN BLR SISL wrote:
Inference:
'Meinberg NTPV4 4.2.4p7' client sends the ASSOC request and receive the ASSOC
response from our server. But the Meinberg client again sends the ASSOC
request to our server instead of sending the CERT
On Mon, Jan 18, 2010, R Kahn wrote:
Dear Sir or Madam,
I am trying to compile openssl-fips-1.1.2.tar.gz on a Windows XP desktop
according to the User Guide 1.2 for the FIPS module. The first step is run
ms/do_fips.bat.
Wrong version. You need the 1.2 version of the tarball from:
* Kyle Hamilton wrote on Thu, Jan 14, 2010 at 12:03 -0800:
* Steffen asked...
...on this level
[thanks a lot again for all the clarifications: authentication
levels, authentication-agnostic, URI-dependent certificates,
bugfix because missed intention, MITM tricks twitter to decrypt
and
I have the following scenario:
i need an application that will do the following:
1. there is an input folder. In this folder, files will be
copied/downloaded.
2. An application/script will periodically query this folder (auto-detection
is also accepted).
3. if a new file is detected, the
We are having trouble using openssl's certificate checking to validate
certain certificates where certificates in the chain are inconsistent in
their choice of string encoding.
Using e.g. openssl-0.9.8e-12.el5, the connection in the accompanying
certificate chain (intermediate cert and final cert
On Tue, Jan 19, 2010, Colin Phipps wrote:
We are having trouble using openssl's certificate checking to validate
certain certificates where certificates in the chain are inconsistent in
their choice of string encoding.
Using e.g. openssl-0.9.8e-12.el5, the connection in the accompanying
On Tue, Jan 19, 2010 at 6:19 AM, Steffen DETTMER
steffen.dett...@ingenico.com wrote:
* Kyle Hamilton wrote on Thu, Jan 14, 2010 at 15:50 -0800:
On Wed, Jan 13, 2010 at 5:58 AM, Steffen DETTMER wrote:
There is currently no way for even an ideal TLS implementation to
detect this issue.
[...]
What are the new rules for canonicalization of names from UTF8 to
printableString?
-Kyle H
On Tue, Jan 19, 2010 at 1:55 PM, Dr. Stephen Henson st...@openssl.org wrote:
Here you'll see that now the issuer hash matches because 1.0.0 uses a
different algorithm for computing hashes which relies
On Tue, Jan 19, 2010, Kyle Hamilton wrote:
What are the new rules for canonicalization of names from UTF8 to
printableString?
It's not the full RFC5280 algorithm. It just translates characters rather
naively to lower case and performs the necessary space folding. Enough to pass
the PKITS
Hi,
Are there any options in OpenSSL to compare two certificate
chains based on some parameters. Could the comparison parameters be
fingerprints, validity, algorithm and other features like CRL url's ?
Thanks,
mohan
__
Thanks Viktor. I will check the usage of strcpy () and strlen ().
I may have to contact the NTP developer's group for further clarifications.
With best regards,
Mathews Emmanuel
Siemens Information Systems Ltd
CTDC I IADT IN
Survey No. 39, 41, 42
Block B, Salarpuria Infozone
Electronic City
18 matches
Mail list logo