Hi All,
I'm probably doing something wrong here, but I don't see what it is.
I'm calling SSL_CTX_load_verify_locations() with a CAT of PEM files.
I'm not calling SSL_CTX_set_default_verify_paths():
/* http://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html */
/* I've also tried with
On Tue, Feb 12, 2013 at 3:16 AM, Jeffrey Walton noloa...@gmail.com wrote:
...
I've used `openssl x509 -text -in AddTrust External CA Root.pem`
(copied out directly from s_client), and everything looks OK. CA is
TRUE, AKI is present, KU includes Certificate Sign, CRL Sign, etc.
$ openssl x509
I was missing Add Trust External CA Root,
https://support.comodo.com/index.php?_m=downloads_a=viewdownloaddownloaditemid=9nav=0,1.
On Tue, Feb 12, 2013 at 3:16 AM, Jeffrey Walton noloa...@gmail.com wrote:
Hi All,
I'm probably doing something wrong here, but I don't see what it is.
I'm
I realise that the eNULL/NULL ciphers add no encryption, but do they just
transmit the data as is, or is there some steganography used?
Thanks
__
OpenSSL Project http://www.openssl.org
User
I realise that the eNULL/NULL ciphers add no encryption, but do they just
transmit the data as is, or is there some steganography used?
If you truly realized they add no encryption, you'd realize the answer to your
question. :)
/r$
--
Principal Security Engineer
Akamai Technology
There were several commits to the 0_9_8 trunk after the 0.9.8y release
last week that appear to be related to CVE-2013-0169. Will there be a
forthcoming 0.9.8z release as a result? Or are these commits not needed
to mitigate CVE-2013-0169?
Thank you.
attachment: foleyj.vcf
On Tue, Feb 12, 2013, John Foley wrote:
There were several commits to the 0_9_8 trunk after the 0.9.8y release
last week that appear to be related to CVE-2013-0169. Will there be a
forthcoming 0.9.8z release as a result? Or are these commits not needed
to mitigate CVE-2013-0169?
The
I was able to specify zlib-dynamic and dso on the ./Configure command
and got make and make tests to successfully run past the zlib tests
however I was required to put a /usr/lib/libz.so shared object on my
system. On our platform we don't have a /usr/lib/libz.so shared object
but rather we
From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton
Sent: Monday, 11 February, 2013 23:04
Some minor points:
On Mon, Feb 11, 2013 at 5:15 PM, Dave Thompson dthomp...@prinpay.com
wrote:
On Mon, Feb 11, 2013 at 12:01:49AM -0500, Jeffrey Walton wrote:
snip: extract