Viktor,
On 03/09/2017 05:53 PM, Viktor Dukhovni wrote:
On Mar 9, 2017, at 8:43 PM, Robert Moskowitz wrote:
$ umask 077 # avoid world-readable private keys
Perhaps (no perhaps about it) this is old information, but I picked up that I
needed:
chmod 640 for the private keys for Apache. (a
On Tue, Mar 14, 2017, Vijayakumar Kaliaperumal wrote:
> Hello,
>
> Is there a way in openssl we can extract the protocol(TLS/DTLS ) handshake
> information, like in clienthello, the protocol version, ciphersuites
> offered, Random, session id etc.
>
You can get some useful information with th
> Is there a way in openssl we can extract the protocol(TLS/DTLS ) handshake
> information, like in clienthello, the protocol version, ciphersuites
> offered, Random, session id etc.
Look at the code in apps/s_client and apps/s_server and see what it prints in
various debug modes.
--
openssl
Hello,
Is there a way in openssl we can extract the protocol(TLS/DTLS ) handshake
information, like in clienthello, the protocol version, ciphersuites
offered, Random, session id etc.
Regards,
Vijay
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-
Thanks again. Very clear. I’m thinking maybe of a small utility or even a web
site were you could upload the thing and it would tell you what it was looking
it. I’ll add that to my never-ending to do list on the off chance that I’ll
ever have spare time.
Gary
From: openssl-users [m
Glad I could help. To be honest, I had to play around with it for a bit before
I remembered that RACF can export PEM-encoded PKCS#12, and how I had handled
that the last time I went through this myself.
Also, having experience with figuring out what a file is using openssl
asn1parse definitely
Enhancement request:
make 'pkcs12' support -inform and -outform.
On Mon, Mar 13, 2017 at 9:26 AM, Gary L Peskin wrote:
> Thanks VERY much Michael. That did the trick. This was a homegrown CA
> cert and I needed it to sign a certificate request for testing purposes.
>
>
>
> I didn’t realize th
Thanks VERY much Michael. That did the trick. This was a homegrown CA cert
and I needed it to sign a certificate request for testing purposes.
I didn’t realize that the openssl pkcs12 utility didn’t support PEM encoding
for input. I was a little confused I guess by the documentation which
I'll assume you mean you exported it "from a mainframe system" using RACF. RACF
has half a dozen export formats for certificates and keys; they're not all
supported by OpenSSL.
In particular (and despite the PEM delimiters), I suspect what you have here is
a PKCS#12 file in PEM format. The open
My original message accidently included an attachment. Please ignore the
attachment. That was not related to this issue.
Thanks,
Gary
From: Gary L Peskin [mailto:ga...@firstech.com]
Sent: Monday, March 13, 2017 2:28 AM
To: 'openssl-users@openssl.org'
Subject: Cannot read exported PKCS1
Hi,
We have modified our codebase to have CRL verification on the incoming
certificates. While doing a negative testing with load of certificates I find
that the resident memory for the module.
My query is when we have CRL verification enabled does openssl caches incoming
certificates?
Please
I trying to build openssl 1.0.2 from OpenSSL_1_0_2-stable branch and
keep getting this error
perl Configure VC-WIN32 no-asm enable-static-engine
ms\do_ms
nmake -f ms\ntdll.mak
link /nologo /subsystem:console /opt:ref /debug /dll
/out:out32dll\libeay32.dll /def:ms/LIBEAY32.def
@C:\Us
On 12/03/17 07:57, sisyph...@optusnet.com.au wrote:
>> But where did it find libz ?
>
> Heh ... this compiler ships with libz.a (x86_64-w64-mingw32/lib/libz.a).
> I don't know how long they've been doing that - probably for years.
> Remove (or rename) that file and 'make' fails because -lz can't
13 matches
Mail list logo