On 26/01/2015 16:16, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 03:10:57PM +, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So, your recomendation is to use X509_check_host rather than code from wiki?
Yes, definitely, provided of
25.01.2015, 20:59, Viktor Dukhovni openssl-us...@dukhovni.org:
On Sun, Jan 25, 2015 at 07:43:14PM +0300, Serj wrote:
What is the best way to make hostname validation?
1. http://wiki.openssl.org/index.php/Hostname_validation
2. X509_check_host that was added in OpenSSL 1.1.0.
The
Hi,
Thank you for answer.
So, your recomendation is to use X509_check_host rather than code from wiki?
25.01.2015, 20:59, Viktor Dukhovni openssl-us...@dukhovni.org:
On Sun, Jan 25, 2015 at 07:43:14PM +0300, Serj wrote:
Starting with 1.0.2, you can also ask OpenSSL to automatically
perform
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So, your recomendation is to use X509_check_host rather than code from wiki?
Yes, definitely, provided of course you're linking with OpenSSL
1.0.2 or later.
--
Viktor.
On Mon, Jan 26, 2015 at 03:10:57PM +, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So, your recomendation is to use X509_check_host rather than code from wiki?
Yes, definitely, provided of course you're linking with OpenSSL
On 26/01/2015 16:16, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 03:10:57PM +, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So, your recomendation is to use X509_check_host rather than code from wiki?
Yes, definitely, provided of
On Mon, Jan 26, 2015 at 06:58:14PM +0100, pl wrote:
On 26/01/2015 16:16, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 03:10:57PM +, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So, your recomendation is to use X509_check_host
On 26/01/2015 19:50, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 06:58:14PM +0100, pl wrote:
On 26/01/2015 16:16, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 03:10:57PM +, Viktor Dukhovni wrote:
On Mon, Jan 26, 2015 at 01:07:54PM +0300, Serj wrote:
Thank you for answer.
So,
On Fri, 16 Jan 2015 10:16:48 -0500
Steve Marquess marqu...@openssl.com wrote:
On 01/15/2015 05:52 AM, Marcus Meissner wrote:
On Linux usually triggered by /proc/sys/crypto/fips_enabled
containing 1 or the environment variable
OPENSSL_FORCE_FIPS_MODE=1 (at least for the certs done by SUSE and
On Jan 26, 2015, at 6:21 PM, jone...@teksavvy.com wrote:
On Fri, 16 Jan 2015 10:16:48 -0500
Steve Marquess marqu...@openssl.com wrote:
On 01/15/2015 05:52 AM, Marcus Meissner wrote:
On Linux usually triggered by /proc/sys/crypto/fips_enabled
containing 1 or the environment variable
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
mclellan, dave
Sent: Friday, January 23, 2015 6:17 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] missing default /usr/local/ssl/openssl.cnf
causes failure on AIX, warning on all
11 matches
Mail list logo