On 8/25/2011 6:04 AM, Arjan Filius wrote:
Hello,
today i ran into a situation, where i notice firefox/chrome and
gnutls-cli use 3 tcp sessions to get a single ssl session, where openssl
s_client takes only one.
one tcp session is what i expect, and i hope someone may have an
explanation.
Hello David,
thanks for your reply, and that's correct. that was it for gnutls-cli.
after a confusing day, one of the original item triggered my firefox
browser, i thought reproduced with gnutls-cli.
In the end it was a simpel favicon issue, which kept connecting (no
cache).
regards,
On Thu,
Hi,
On 08/25/2011 11:15 PM, t...@terralogic.net wrote:
I know the theory. I'm also a programmer. I just never bothered to
install a root cert before. But I do know how to make them.
I'll dig around in FireFox and see where it is and how its done.
As for the bank. We build it and they
Use this openssl command to obtain the full hierarchy including the root
CA. This should be what you need to import the certs into your version
of Firefox.
openssl s_client -connect webbroker.tdwaterhouse.ca:443 -showcerts
If you wish to automate it, you do so via 'certutil' and using the
On Thu, Aug 25, 2011 at 03:39:59PM -0600, t...@terralogic.net wrote:
Very good!
I can write a little code to do that!
The Firefox team already did it for you. In v3.6: Tools | Page Info
| Security | View Certificate | Details | Certificate Hierarchy.
Select any member of the chain and see
On Thu, Aug 25, 2011 at 01:51:01PM -0700, Craig White wrote:
the answer lies with the people who wrote the software for the certificate
store since the whole point is trust.
If users could manipulate the root certificate store, then it would be
impossible to trust anything.
Wht? Of
Hi,
I am using openssl to one of my application. The application has
support of multithreading and runs on Windows platform. This application
uses openssl 0.9.8.0 version and has support of fips. The application
listens on a particular port and for each new connection it creates a
separate
Thanks for your detailed Explanation Dave. I am going to encrypt using AES
in server side using EVP ,
EVP_EncryptInit_ex(x, EVP_aes_256_cbc(), NULL, key,iv))
EVP_EncryptUpdate(x, outbuf, outlen, (const unsigned char*) intext,
strlen(intext)))
EVP_EncryptFinal_ex(x,outbuf+outlen,tmplen))
client
On Thu, Aug 25, 2011, rockrider33 wrote:
Hi All,
I am new to linux and openssl stuff.
I have tried to install OpenSSL (1.2.3 with fips)with FIPS module and it's
successful. (built and installed)
For building:
i had used make and gcc version 4.3.4
I hope installation was