SSL_CTX_set_options not working for SSL_OP_NO_TLSv1_1

2012-08-31 Thread Jahn, Gerhard
Hello, I'm using OpenSSL 1.0.1c in my Server application. This application can be configured to disallow accepting certain SSL/TLS protocols. If only TLS1.2 shall be allowed, the application calls meth=(SSL_METHOD*) SSLv23_server_method(); OpenSSLctx=SSL_CTX_new(meth);

SSL_CTX_set_default_verify_paths and Windows?

2012-08-31 Thread Charles Mills
Is there documentation for SSL_CTX_set_default_verify_paths()? It's declared here http://www.openssl.org/docs/ssl/ssl.html but there's no description and no link that I see. I have an application working on Windows using explicit PEM certificate files: SSL_CTX_load_verify_locations(SslCtx,

Re: AES-CMAC-128 equivalent to EVP_aes_128_cbc sent to CMAC?

2012-08-31 Thread Cassie Helms
In implementing AES-CMAC-128 over a message, I assumed it would be equivalent in OpenSSL to hand the EVP_aes_128_cbc() EVP_CIPHER to CMAC, as I did not see a regular AES-128 EVP_CIPHER available. It looks like sending AES-CBC into CMAC is the same thing as AES-CMAC-128. Question answered.

Cannot connect to gmail imap server

2012-08-31 Thread Vikraman
Hi, I can't seem to be able to connect to the gmail imap server from apps using openssl. I am on a university network, behind a firewall. % openssl s_client -debug -connect imap.gmail.com:993 CONNECTED(0004) write to 0x1026ef0 [0x1026f70] (184 bytes = 184 (0xB8)) - 16 03 01 00 b3 01 00

Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread ML Harmon
I have a Windows 2008 server that runs an application I use to transfer files to my business partner's site via sftp. I need to generate a SSH key pair with openssl and then send my partner the public key while I keep the private key. I don't know how to do this with openssl, can someone help me?

OpenSSL migration - Linking issues

2012-08-31 Thread Hankyaku
Dear All, I'm working on a bigger project where openSSL is used. Right now I'm doing the migration from 1.0.0e to 1.0.1c. On the way I get a number of linking errors, like: ssleay32.lib(ssl_sess.obj) : error LNK2001: unresolved external symbol _BUF_strdup This problem relates to the new

RFC 6066 - Maximum Fragment Length

2012-08-31 Thread Hankyaku
Dear All, I've got another question regarding the contents of 1.0.1c. I didn't really find the references to what RFC specs are implemented in the new version (not many RFC references in changelogs and docs at all). I was wondering if Maximum Fragmentation Length (found in RFC6066 page 8) was

Session resumption and abbreviated handshake

2012-08-31 Thread Hankyaku
Dear All, (Sorry for posting the 3rd separate thread, but I have totally independent issues and I think it's better to handle them in different threads - eases the search in the future.) I had an issue with openSSL 1.0.0e with session resumption. According to the RFC specs (as early as TLS

RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
You can do this with the openssl.exe utility. I am less than an expert but the doc is here: http://www.openssl.org/docs/apps/openssl.html Take a look at openssl.exe req -newkey Charles From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon Sent:

Re: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread ML Harmon
I was good with openssl until this link. http://www.openssl.org/docs/HOWTO/keys.txt It says openssl creates one file for both the public and private keys. That doesn't make sense to me. See my above link. With OpenSSL, the private key contains the public key information as well, so a public key

RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
Hmm. That does seem odd. Use openssl genrsa to generate the private key. Use openssl rsa -pubout to generate the public key from the private key. Charles From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon Sent: Friday, August 31, 2012 12:10 PM

RE: SSL_CTX_set_options not working for SSL_OP_NO_TLSv1_1

2012-08-31 Thread Erik Tkal
Hi Gerhard, I have been playing with those options myself and your scenario should work. Try using s_server -no_ssl2 -no_ssl3 -no_tls1 -no_tls1_1 in conjunction with s_client -tls1_1. This sets exactly the options you indicate and it fails to connect. It's not clear from your code, but make

RE: OpenSSL migration - Linking issues

2012-08-31 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Hankyaku Sent: Friday, 31 August, 2012 05:29 I'm working on a bigger project where openSSL is used. Right now I'm doing the migration from 1.0.0e to 1.0.1c. On the way I get a number of linking errors, like: ssleay32.lib(ssl_sess.obj) :

RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills Sent: Friday, 31 August, 2012 12:39 To: openssl-users@openssl.org Subject: RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site You can do this with

RE: need help on handshake failure

2012-08-31 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Mithun Kumar Sent: Thursday, 30 August, 2012 19:50 openssl s_client -connect NC-WIN2008X64:1433 -state -debug -msg -ssl3 CONNECTED(0003) SSL_connect:before/connect initialization write to 08A018A8 [08A0B660] (100 bytes = 100 (0x64)) snip

RE: SSL_CTX_set_default_verify_paths and Windows?

2012-08-31 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills Sent: Friday, 31 August, 2012 12:00 To: openssl-users@openssl.org Subject: SSL_CTX_set_default_verify_paths and Windows? Is there documentation for SSL_CTX_set_default_verify_paths()? It's declared here

RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
Ah well. I tried to help. which is .exe only on Windows The OP said he was on Win 2K8. Charles -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Friday, August 31, 2012 3:58 PM To:

RE: SSL_CTX_set_default_verify_paths and Windows?

2012-08-31 Thread Charles Mills
Dave, thanks much. OK, SSL_CTX_set_default_verify_paths() won't do anything for me. There is definitely an engine for MS CAPI I ran into some references to capi and e_capi researching this question on the Google but I could not find any big picture. Or of course you could just read the certs