RE: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

2009-07-27 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Rij > Sent: Thursday, 23 July, 2009 21:17 > I have a simple client operating in blocking mode. When I try > to connect to the server, I get the error: > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol > Sounds like your ser

RE: EVP_Open* with a public key

2009-07-27 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of David Schwartz > Sent: Monday, 27 July, 2009 12:06 > Jeremy R. wrote: > > > Okay, forgive my ignorance, but isn't the most common way > of signing > > data simply taking a cryptographic hash (SHA-1, RIPEMD-160, > WHIRLPOOL, > > etc.) and the

RE: EVP_Open* with a public key

2009-07-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jeremy R. > Sent: Monday, 27 July, 2009 23:19 (Sorry I was out.) >> Another idea: you're not using the benefit of PKC encryption >> (unknown to one). Why not just symm-encrypt the data? > Well, env

RE: Maximum RSA/DSA key length

2009-07-31 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Alexander Lamaison > Sent: Thursday, 30 July, 2009 08:05 > I'm calling PEM_read_bio_RSAPrivateKey and > PEM_read_bio_DSAPrivateKey with private keys loaded from > files on disk. I read the file into a string, put that into > a BIO and then c

RE: Deconstructing OASIS Web Services Security SOAP Messages with OpenSSL utilities

2009-07-31 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Carlo Milono > Sent: Thursday, 30 July, 2009 19:27 > I'm trying to illustrate how to take an OASIS WSSE SOAP > Message and operate on it with the commands in OpenSSL. > The SOAP Message encrypts the contents of an element in the > Body with AE

RE: tlsv1_method implementation

2009-07-31 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael Kurecka > Sent: Friday, 31 July, 2009 09:05 > I'm using OpenSSL 0.9.8k and am trying to find the > implementation of the tlsv1_method. Below are the only > references I found. I'm trying to determine the cipher suites > used by OpenSS

RE: Handshake failed

2009-08-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Andrejs Igumenovs > Sent: Monday, 03 August, 2009 07:08 > This succeed with "ssleay32.dll v0.9.8.4" and it fails with > "ssleay32.dll v0.9.8.11". > 2009-08-03 13:40:25,911 DEBUG > [org.apache.tomcat.util.net.PoolTcpEndpoint] Handshake failed

RE: tlsv1_method implementation

2009-08-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael Kurecka > Sent: Monday, 03 August, 2009 09:25 > Is there a way to print/display the list of ciphers being used? > What do you mean used? - negotiated for an SSL connection? SSL_get_current_cipher() and the convenience macros using it

RE: Help Please....SSL3_GET_RECORD error

2009-08-04 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Biswatosh > Sent: Monday, 03 August, 2009 10:32 > 1)Does openssl accept that this is their bug? It looks to get > manifested when lot of load is there. This is not consistent > in my case. > I don't recall any specific bug affecting this, but

RE: ssh hanging when used through Matlab

2009-08-04 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of larour > Sent: Monday, 03 August, 2009 15:27 > I am trying to launch an ssh connection from a matlab > environment (Matlab R2009), using the Cygwin OpenSSH_5.p1 ssh > executable, on a windows xp 32 platform. Although there is only one letter

RE: BIO_new_file and OPENSSL_NO_FP_API

2009-08-06 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Alexander Lamaison > Sent: Thursday, 06 August, 2009 09:12 > I'm trying to avoid passing any C-runtime objects (such as a > FILE*) across the OpenSSL DLL boundary. This is unsafe as > the two DLLs may be using different runtime instances whic

RE: tlsv1_method implementation

2009-08-06 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael Kurecka > Sent: Thursday, 06 August, 2009 11:30 > Thanks for the help. I was able to determine the list of > ciphers allowed (SSL_CTX_get_cipher_list), the one of those used > (SSL_get_current_cipher) and to set specific ciphers > (SSL

RE: BIO_new_file and OPENSSL_NO_FP_API

2009-08-10 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Alexander Lamaison > Sent: Friday, 07 August, 2009 08:15 > 2009/8/7 Dave Thompson : > > In our case (the libssh2 library) we don't have an EXE to > compile OpenSSL_Applink into (you can't just compile it into a >

RE: new_certs_dir error

2009-08-10 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Christina GE > Sent: Monday, 10 August, 2009 11:47 > I have tried to execute the following command to sign a web server certificate with my CA key: > C:\OpenSSL\bin>openssl ca -days 3650 -in ./CA/TestCA.csr -cer

RE: Is Openssl vulnerable to Null-Prefix Attacks?

2009-08-13 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Serge Fonville > Sent: Wednesday, 12 August, 2009 04:01 > >> Recently there has been some discussion on the Internet > regarding so > >> called null-prefix attacks, see > >> http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf. Is > >>

RE: PEM_read is always returning null

2009-08-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Azlan > Sent: Tuesday, 18 August, 2009 08:24 > > Hello every one..I'm working with an application in which a module > > should read a "pem" certificate successfully.I've written 2 > types of > > programs, but both are failing(PEM_read constan

RE: Creating CA certificates

2009-08-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of vishal saraswat > Sent: Tuesday, 18 August, 2009 07:44 > I am sorry, I forgot to tell you that the final PEM I create > is composed of key and certificate both. > cat server_key.pem server server_cert.pem > server.pem >

RE: Question regarding PEM_read_bio_X509()

2009-08-21 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dr. Stephen Henson > Sent: Thursday, 20 August, 2009 18:34 > On Wed, Aug 19, 2009, barcaroller wrote: > > > I have a PEM-format server certificate that I need to convert to a > > binary structure as defined in section 7.4.2. (Server > Certifi

RE: Getting spc and pvk file from pfx file: and running on Windows

2009-08-21 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of narendra.ku...@thomsonreuters.com > Sent: Tuesday, 18 August, 2009 05:44 > I have installed Win32OpenSSL-0_9_7m.exe. am unable to proceed further on > how to extract the spc and pvk files from the pfx file I have. I assume yo

RE: Question regarding TLS: eNULL

2009-08-21 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Erik Norgaard > Sent: Friday, 21 August, 2009 04:22 > I have been asked to study the possibility of using for > authentication without encryption, ie using TLS_RSA_WITH_NULL_SHA. > > Reading the RFC5246, it appears that the server > authentic

RE: FIPS OpenSSL compilation error

2009-08-25 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Pankaj Aggarwal > Sent: Tuesday, 25 August, 2009 05:06 > I am using cygwin on windows xp to compile FIPS Openssl 1.2 using Visual studio 2005. Apparently you mean cygwin _perl_. The MS compiler and linker (which are t

RE: the format of openssl speed

2009-08-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of loody > Sent: Friday, 28 August, 2009 04:15 > > the above mean aes-128 cbc will use 55113.2k bytes/second while > > encrypting/decrypting 16 bytes plain text? This build running on this machine doing aes-128-cbc operations of 16 bytes each do

RE: post-connection assertions

2009-09-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Daniel Mentz > Sent: Wednesday, 02 September, 2009 08:27 > To: openssl-users@openssl.org > Subject: post-connection assertions > > I'm wondering what's the best way to check the identity of > the peer [in its cert just after connection] > So I

RE: Export/Move Certificate failure

2009-09-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of mitch355 > Sent: Tuesday, 01 September, 2009 11:35 > I've installed my certificate for my apache server and now > want to export/move the certificate for the Tomcat server on > the same machine. I'm using the following command: > > bin\opens

RE: EVP_DecryptFinal succeeds but fails.

2009-09-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of roxaz > Sent: Thursday, 03 September, 2009 06:46 > Hey, EVP_DecryptFinal returns 0 for me, but no data is returned > to supplied output buffer, and returned data length is set to 0. > What could be the issue? bdec receives s

RE: openssl C server and java clients

2009-09-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Sebastián Treu > Sent: Thursday, 03 September, 2009 06:06 > After writing a server in C using select() (a > multiplexed server) and a java client ... > I decided to secure the conection > using openssl. > > I have the examples of the book I've

RE: Trying to encrypt with openssl commandline and decrypt using aes or evp

2009-09-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Hazel John > Sent: Thursday, 03 September, 2009 15:25 > openssl enc -aes-256-cbc -K > 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E > 1F -iv 00112233445566778899AABBCCDDEEFF -e -in input.txt -out > output.enc > [and same with -

RE: Trying to encrypt with openssl commandline and decrypt using aes or evp

2009-09-07 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Hazel John > Sent: Friday, 04 September, 2009 11:40 > On Thu, Sep 3, 2009 at 6:36 PM, Dave > Thompson wrote: > > commandline enc does PKCS5 block padding (at least for block modes) > > unless you specify -nopad (and t

RE: send encrypted data to remote server

2009-09-08 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of skar karthikeyan > Sent: Tuesday, 08 September, 2009 13:13 > I want to send data from my machine to another one and the remote > machine should be able to decrypt and make sense of the data only if it > has the correct creden

RE: DecryptUpdate "Segmentation Fault"

2009-09-08 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of SpikeSpiegel > Sent: Monday, 07 September, 2009 15:23 > I'm writing a little program that encrypt/decrypt some text > but I've found some troubles using the OpenSSL libraries... > When I use between the encrypt() function and the decrypt() >

RE: Accept a servers crt?

2009-09-16 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dylan Martin > Sent: Tuesday, 15 September, 2009 13:42 > Hi all, I need to connect to an LDAP server with a self-signed cert. > I cannot get s_client to verify OK.. I have gathered the > server cert by running s_client and then copying the ser

RE: SSL_Connect fails with error SSL_ERROR_SSL

2009-09-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Kyle Hamilton > Sent: Friday, 18 September, 2009 15:07 > Once you receive SSL_ERROR_SSL, the next step is to use > ERR_get_error(3ssl) to figure out what the specific SSL error was. > Before you do this, you should call ERR_load_crypto_strings(3

RE: Problems linking against OpenSSL with mingw

2009-09-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Eystein Måløy Stenberg > Sent: Sunday, 20 September, 2009 15:13 > I try to compile it, on both mingw installations, with: "gcc > -I/usr/local/ssl/include -L/usr/local/ssl/lib -lcrypto aes.c", which > gives: > --- > C:\Users\Limit\AppData\Local\

RE: Problems linking against OpenSSL with mingw

2009-09-22 Thread Dave Thompson
no matter where I > put the input file (checked it again). > On Mon, Sep 21, 2009 at 12:30 AM, Dave Thompson > wrote: > > The 'gcc' linker (ld) (and AFAIK most others) is order sensitive. > > You must have -lcrypto *after* the module(s) that calls it. On fu

RE: Encrypting 32/64 bit integers

2009-09-22 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of David Schwartz > Sent: Monday, 21 September, 2009 19:48 > Peter Wilkes wrote: > > > so we ran this with a 64 bit int and noticed that 128 bits > comes out. > > can we safely ignore the other 64 bits? why are we getting > 128 bits out? > > > >

RE: generating RSA keypair with non-standard public exponents

2009-09-23 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Klaus Heinrich Kiwi > Sent: Wednesday, 23 September, 2009 15:59 > I noted that when generating a RSA public key pair using a > non-standard public exponent (particularly, 65538, or 0x01, > 0x00,0x02), the RSA_generate_key never returns, and th

RE: error:0200274D:system library:connect:reason(1869)?

2009-09-24 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of gary clark > Sent: Thursday, 24 September, 2009 00:29 > I am receiving a 0200274D error when attempting to connect to > a linux server. > > 274D=10061 ECONNREFUSED. > > Not sure what the reason is 1869? could somebody please tell me. > The 1

RE: trying to understand ECDHE operations

2009-09-24 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Thursday, 24 September, 2009 09:12 > I have been playing with the command line tools of open > SSL and am examining traces in hopes to get an understanding > of how ECDHE works in real life. > Remember commandline s_clien

RE: How to get rid of "do you want to sign the cert" user request when signing a CSR?

2009-09-24 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Martin Schneider > Sent: Thursday, 24 September, 2009 04:58 > I'm using CA.pl from an application to automatically sign > certificate requests. The problem is, that when the CSR is (Aside: you're not signing the CSR. The CSR is already signed

RE: trying to understand ECDHE operations

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Friday, 25 September, 2009 09:32 > Thank you for your reply. > Maybe we can drill down on the client key exchange message first. > Looking at the rfc I see it should hold: > ECPoint ecdh_Yc; > > But for the prime192 curve, I w

RE: generating RSA keypair with non-standard public exponents

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Klaus Heinrich Kiwi > Sent: Friday, 25 September, 2009 13:02 > On 09/23/2009 07:59 PM, Dave Thompson wrote: > > Or it appears you can use the callback to impose a limit on > the number > > of tries, amount of ti

RE: undefined reference: (mingw?) Windows sockets+

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of weihao.ma > Sent: Monday, 28 September, 2009 09:06 > hi,can somebody help me fixing the problem~ > > The client and server is the book of Network Security with > OpenSSL(O'Reilly) in chapter 5. > > gcc -o client client.o common.o ..\out\libs

RE: Encrypting 32/64 bit integers

2009-09-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Brian Lavender > Sent: Wednesday, 30 September, 2009 03:28 > To: openssl-users@openssl.org > Subject: Re: Encrypting 32/64 bit integers > > On Fri, Sep 18, 2009 at 01:59:12PM -0700, musikit wrote: > > Encrypt(datato, datafrom) > > { > > EVP_Enc

RE: trying to understand ECDHE operations

2009-09-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Wednesday, 30 September, 2009 13:12 (superseding previous, I assume) > Ok, I reran my tests again...This time I added the > -named_curve parameter...and do indeed get 50 byte key for > the prime192v1 curve. > > However, if I

RE: validating signature against cert

2009-10-02 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jeff Strope > Sent: Thursday, 01 October, 2009 18:41 > I've been given an X509 signing certificate that I'm storing > in base64 > format along with a SHA1 w/ RSA signature. How do I verify that > signature against the signing certificate via

RE: Crash!! trying to understand ECDHE operations

2009-10-02 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Wednesday, 30 September, 2009 17:58 > I don't mind digging in and trying to figure out why the crash.. > but could somebody point me in the right direction? > Thanks, > Mike > > CONNECTED(0003) > depth=0 > /C=US/ST=Minne

RE: Enable A Individual Cipher: export-1024 suites and data decrypt/MAC error

2009-10-09 Thread Dave Thompson
(Superseding previous reply since this has more detail.) > From: owner-openssl-us...@openssl.org > Sent: Friday, 09 October, 2009 07:09 > 1) SO' informations > > Server > -- > CentOS release 5.2 > OpenSSL 0.9.8k 25 Mar 2009 > Apache 2.2

RE: Problem OpenSSL Server with Java Client

2009-10-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of swapnil kamble > Sent: Tuesday, 20 October, 2009 05:47 (This is almost certainly a -users question, not -dev.) > I want SSL client server communication between OpenSSL Server with Java Client. > My

RE: OCSP Crashes - What's wrong?

2009-10-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org Dr. Stephen Henson > Sent: Tuesday, 20 October, 2009 09:15 > On Tue, Oct 20, 2009, Daniel Marschall wrote: > > 18758:error:02006062:system library:bind:Address already in > > use:b_sock.c:685:port='' > > 18758:error:20069075:BIO > routines:BIO_get_acce

RE: Debugging OpenSSL with Visual Studio

2009-10-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of sandeep kiran p > Sent: Saturday, 17 October, 2009 02:12 > Can someone point me to the instructions that are needed to build > and debug OpenSSL using Visual Studio on windows? I want to navigate > through the code for the 'o

RE: Debugging OpenSSL with Visual Studio

2009-10-22 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of sandeep kiran p > Sent: Wednesday, 21 October, 2009 23:06 (fairly OT: MS Visual Studio) > Thanks Dave. I figured out how to do this. I first built a static version > of libeay32 and ssleay32 using ms\nt.mak (added /Zi

RE: Generating sect163k1 key pairs

2009-10-22 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jeffrey Walton > Sent: Wednesday, 21 October, 2009 18:09 Just a few small tweaks: > First, generate the domain parameters: > openssl ecparam -genkey -name secp160k1 -out c:\key.pem > Next, strip the PBE: > openssl ec -in c:\key.pem -out c:\nak

RE: "Client Hello" from HP Insight Manager crashes application

2009-10-29 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Josue Andrade Gomes > Sent: Thursday, 29 October, 2009 14:23 > Shortly: HP Insight Manager (a management tool) crashes my server SSL > application. > Operating system: Windows 2003 Server > OpenSSL version: 0.9.8k > Post-mortem debugger points t

RE: [FWD] SSL_write returned SSL_ERROR_SSL

2009-11-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Lutz Jaenicke > Sent: Tuesday, 03 November, 2009 14:13 > - Forwarded message from sandeep.kuma...@wipro.com - > Subject: SSL_write returned SSL_ERROR_SSL > Date: Tue, 3 Nov 2009 19:25:03 +0530 > Thread-Topic: SSL_write returned SSL_ERROR_

RE: "Client Hello" from HP Insight Manager crashes application

2009-11-03 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Josue Andrade Gomes > Sent: Tuesday, 03 November, 2009 07:13 > On Thu, Oct 29, 2009 at 11:42 PM, Dave Thompson >  wrote: > > I'd bet the traceback is wrong. > > Indeed a detailed analysis by the debugger show: &

RE: "Client Hello" from HP Insight Manager crashes application

2009-11-05 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Josue Andrade Gomes > Sent: Wednesday, 04 November, 2009 09:14 > On Tue, Nov 3, 2009 at 11:12 PM, Dave Thompson > wrote: > > To be clear: s_client with -sessout to a file, followed by s_client > > with -sessin from th

RE: ASN1_get_object:too long

2009-11-05 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of dutchman1 > Sent: Tuesday, 03 November, 2009 15:42 > I'm trying to parse a DER cert that seems to be invalid. I > can parse it but > not load it or convert it into a PEM file. Is there a way to > find out what's > wrong with the file? > > Tha

RE: ASN1_get_object:too long

2009-11-09 Thread Dave Thompson
on. I've attached the cert to the Post. > Dave Thompson-4 wrote: > > No you couldn't parse it; you got the same error right there. > > Dump the file (usually easiest in hex) and look at that point > > (the second part of issuer DN). If you don't understand it

RE: Getting started - d2i_PKCS12_fp: on Win

2009-11-17 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Tim Ward > Sent: Monday, 16 November, 2009 12:01 > Further info: > > I get the same results running the pkread.c sample program. > > If I compile with /MD without the applink stuff present it works. > What toolset (mingw or msvc, and which ve

RE: Getting started - d2i_PKCS12_fp: on Win

2009-11-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Tim Ward > Sent: Tuesday, 17 November, 2009 16:29 > From: "Dave Thompson" > > What toolset (mingw or msvc, and which version) and library build > > (own or other) are you using? > VC2005. Debug build

RE: how to decrypt a binary file which is encryptes by aes 256 cbc mode

2009-11-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of NaGaGo > Sent: Tuesday, 17 November, 2009 05:35 > #include > #inclide > #incldue I assume these were just a hint that the real code has correct #include's. > int main() > { > > unsigned long lSize; > FILE * inFile; > FILE *

RE: how to decrypt a binary file which is encryptes by aes 256 cbc mode

2009-11-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of NaGaGo > Sent: Thursday, 19 November, 2009 02:02 > #include > #include > #include > #include > #include > #include > #define AES_BLOCK_SIZE 16 This is already in aes.h, you don't need to define it yourself. > > int main() > { > >

RE: Getting started - d2i_PKCS12_fp: on Win

2009-11-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Tim Ward > Sent: Friday, 20 November, 2009 06:10 > > > It fails at the same point, the difference now being that the > libeay32.dll > function names are shown (rather than just addresses) in the stack > backtrace. I can't persuade VS2005 to

RE: Need Clarification - Open SSL issues

2009-11-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Aswin Premachandran > Sent: Thursday, 19 November, 2009 03:12 > I downloaded the openssl tar ball from the site and generated lib files > (libeay32.lib and ssleay32.lib) using the command "nmake -f ms\nt.mak". You're supposed

RE: HELP Win32 linking libeay32.dll in Visual Studio

2009-12-02 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of yhilbert > Sent: Tuesday, 01 December, 2009 05:26 > Hi I am new to Visual Studio and OpenSSL but how do I ensure > the library > libeay32.dll is merged into my console application so it > doesn't complain at > runtime. For example I have follow

RE: TLS version error with Java

2009-12-02 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Hihn, Jason > Sent: Monday, 30 November, 2009 18:09 > I am trying to have a java 1.5 client connect to a OpenSSL > TLS server. I > can connect fine from other OpenSSL implementations. > By default for maximum compatibility across the world-wi

RE: Cipher suite not available

2009-12-04 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Mohan Radhakrishnan > Sent: Friday, 04 December, 2009 05:54 > > We see this message "no available certificates or key > corresponding to the cipher suites" even before establishing a > handshake. It is a mutual handshake. So keystores and

RE: libcrypto.so.4 from openssl sources?

2009-12-04 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Hall, Leam > Sent: Friday, 04 December, 2009 14:14 >We have to remove vendor supplied openssl.0.9.7.a and install from source 0.9.8L. > Removing vendor openssl package also removes /lib/libcrypto.so.4, and that breaks > lo

RE: unable to load Private Key: mobilefish self-CA instructions

2009-12-14 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Llenlleawg > Sent: Saturday, 12 December, 2009 15:17 > Here is a brief outline of what I'm trying to do. I'm trying > to create a > certificate signed by my own CA and private key. > > I followed the steps on the following site to setup my ow

RE: The value of subject key identifier calculated

2009-12-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of tushar ganguli > Sent: Friday, 18 December, 2009 00:38 > Hi Steve, > I did what you said (please correct me if I am wrong) and still > the output is not mapping, below please find the steps I'd taken: > 1.

RE: SSL_accept error: smtpd client alert 48

2009-12-20 Thread Dave Thompson
(Possible duplicate; on my first attempt to send this message I got a strange NortonAntiVirus alert, so I am retrying.) > From: owner-openssl-us...@openssl.org On Behalf Of Pietro Romanazzi > Sent: Friday, 18 December, 2009 05:19 > On postfix 2.5.7 running on Red Hat Enterprise

RE: trying to understand ECDHE operations

2010-01-11 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Friday, 08 January, 2010 08:53 > Based on the old message snippet below, two questions: > 1) Are the session keys then used by the symmetric cipher > going forward? > Or is there another step used to get those keys. Session

RE: Unable to load CRL

2010-01-11 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of > Radha krishna Meduri -X (radmedur - HCL at Cisco) > Sent: Friday, 08 January, 2010 01:13 > #include "openssl/ssl.h" > #include "stdio.h" > Aside: it's conventional and sometimes better to use < > format for system/std headers like stdio.h.

RE: trying to understand ECDHE operations

2010-01-19 Thread Dave Thompson
Michael D wrote on Tue, 12 Jan 2010 06:01:23 -0800 (but some of my mail got lost or dropped for some reason and I only later found in mail-archive) (and majordomo 'which' is either broken or deceptive, which didn't help matters!) >>> Dave, I think I have been getting ahead of myself and need to d

RE: Question about Self-Signed Certificates

2010-01-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Kyle Safford > Sent: Monday, 25 January, 2010 11:49 > I am using Self-Signed Certificates and had a few questions about them. > When running the command to verify whether the certificate chain is valid > or not (in webl

RE: PKCS#12 Problems

2010-02-04 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dan Letkeman > Sent: Thursday, 04 February, 2010 14:36 > So i'm transferring it with FTP, could that be the problem? Any other > way to transfer it to a windows machine? > On Thu, Feb 4, 2010 at 11:24 AM, Patrick Patterson > wrote: > > How a

RE: explanation about openssl command?

2010-02-15 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Ashok Kumar > Sent: Monday, 15 February, 2010 16:01 > I understand it as any browser like firefox, IE etc do NOT need any > private key but CA certificates to communicate over SSL with any > server application, so we don't need to install the key

RE: TLS connect problem with different OpenSSL library

2010-02-25 Thread Dave Thompson
(Sorry for delay, thought I sent this Tue but apparently it didn't go, and I wasn't in Wed.) > From: owner-openssl-us...@openssl.org On Behalf Of Peter Lin > Sent: Monday, 22 February, 2010 03:20 > I have a TLS server application which the old OpenSSL library > has no problem

RE: Need help on creating certs

2010-02-26 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of prasad kasthuri > Sent: Thursday, 25 February, 2010 14:44 > To: openssl-users@openssl.org > Subject: Need help on creating certs > I am getting the following error while creating certs using openssl > command. Plea

RE: Crash in BIO_set_fp()

2010-02-26 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael Boman > Sent: Thursday, 25 February, 2010 15:26 > if (options->xmlOutput != 0) > { > fileBIO = BIO_new(BIO_s_file()); > BIO_set_fp(fileBIO, options->xmlOutput, BIO_NOCLOSE); // <- Crashing here >

RE: problem converting PKCS8 keystore private key to PEM

2010-03-11 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of eoinmoon > Sent: Wednesday, 10 March, 2010 11:00 > my attempts have failed to convert an private > key[generated in java keystore and exported via java code] to > a PEM format > which I need for my application. > > These are the steps I have d

RE: Crash in BIO_set_fp(): Windows esp SL VC9?

2010-03-11 Thread Dave Thompson
-dev added, I think this is actually a bug > From: owner-openssl-us...@openssl.org On Behalf Of Michael Boman > Sent: Monday, 01 March, 2010 11:40 > I am using OpenSSL 0.9.8l from http://www.slproweb.com/products/Win32OpenSSL.html > I link to these libraries for

RE: Size of DH Params

2010-03-11 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dirk Menstermann > Sent: Wednesday, 10 March, 2010 10:57 > when I generate DH parameters with: > > int bits = 1024; > DH *params = DH_generate_parameters (bits, DH_GENERATOR_5, > NULL, NULL); > > Can I then later read the value of the bits pa

RE: Problems with DSA 2048-bit keys

2010-04-11 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Sad Clouds > Sent: Saturday, 10 April, 2010 10:56 > I'm testing a very simple SSL web server. Everything seems to work OK > with RSA and DSA 1024-bit keys. > > I tried using DSA 2048-bit key and > Then when I use Firefox to connect to the serv

RE: PEM_read_bio_PUBKEY does not do the trick?

2010-05-06 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of heiko vonsachsen > Sent: Thursday, 06 May, 2010 11:26 > EVP_PKEY* pkey=PEM_read_bio_PUBKEY(mem,NULL,NULL,NULL) does not return any > value...can anybody please explain to me why? I've spent hours without any results! ... >

RE: Is it not possible to decrypt partial AES messages?

2010-05-07 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Steffen DETTMER > Sent: Wednesday, 05 May, 2010 14:04 > * Christina Penn wrote on Wed, May 05, 2010 at 07:42 -0400: > >Can you show me exactly how to break up my example code > to make my > >example work? I tried removing the EVP_Decryp

RE: finding documentation/man pages

2010-05-13 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Richard Ray > Sent: Wednesday, 12 May, 2010 09:35 > I bought a copy of Network Security with OpenSSL from a friend > In chapter 7 section Secure HTTP Cookies the examples use > functions EVP_EncodeBlock and EVP_DecodeBlock > I can not find any

RE: CA.pl/CA.sh fail - can't create root CA

2010-05-13 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Eisenacher, Patrick > Sent: Wednesday, 12 May, 2010 07:04 > > From: owner-openssl-users On Behalf Of asc123 > > > > I'm getting a segv when trying to run CA.pl/.sh to create a rootCA: > > unknown option -create_serial > > ./CA.sh: line 197: 10

RE: Base64 Decode Problem/Question

2010-05-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Bruno Vetel > Sent: Thursday, 20 May, 2010 13:44 > Doug Kehn writes: > \n is not base64. Try with echo -n > > I'm trying to decode a base64 encoded string. The problem > I'm running in to is that BIO_read() always returns 0. > [...] If th

RE: CA file with multiple certificates, only the 1st one in the file works

2010-05-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of cschwaderer > Sent: Wednesday, 19 May, 2010 18:50 > I'm having a problem with an OpenSSL client and server > application I wrote. > Client 1 uses certificate A and client 2 uses certificate B. > > I create a CA file on the server that contains

RE: Question about SSL_load_client_CA_file()

2010-05-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of cschwaderer > Sent: Thursday, 20 May, 2010 15:33 > I created a CA file that is a simple Linux cat of two certificates. > The file path and name of caFile = "/etc/myClientCAs". > > Then I execute SSL_load_client_CA_file(caFile); > [and] struct_s

RE: question about exponent, key length and all other RSA parameters not configurable

2010-05-23 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Pareto, Charles > Sent: Friday, 21 May, 2010 17:14 > I'm trying to get the same result with the c# RSACryptoServiceProvider class > that 'openssl.exe rsautl ' gives me. > > The c# class wants more properties set before

RE: question about exponent, key length and all other RSA parameters not configurable

2010-05-24 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Chuck Pareto > Sent: Sunday, 23 May, 2010 22:06 > I'm a newbie when it comes to RSA, the last time I learned it was > in school over 7 years ago in one lecture. > Maybe I'm missing something but I will try to explain my

RE: question about exponent, key length and all other RSA parameters not configurable

2010-05-25 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Chuck Pareto > Sent: Monday, 24 May, 2010 19:13 > When I run openssl rsa to display my public key info. I see this below. > How do I convert this output to a byte array? What is this output? Is it ascii or base64? > 0

RE: Error - AES-256 CBC encrypting using EVP routines and decrypting using command line

2010-05-25 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of ~ Kunal Sharma ~ > Sent: Tuesday, 25 May, 2010 10:02 > I guess I need to supply the iv in hex format. Is it as simple as replacing > each ascii character of iv string with the equivalent hex value or something else ?

RE: human readable certificate verify error messages?

2010-05-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dallas Clement > Sent: Wednesday, 26 May, 2010 22:03 > Is there a function that translates certificate verify return codes? x509.h, x509/x509_txt.c const char *X509_verify_cert_error_string(long n) __

RE: max length to encrypt: direct RSA

2010-05-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Chuck Pareto > Sent: Thursday, 27 May, 2010 16:20 > I'm still unsure as to the max length string I can use to > encrypt. I'm > using the rsacrypto class in .net to encrypt. > I know I can't pass in a string that's 256 bytes long or greater

RE: Public Certificate Signature

2010-05-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Emre Erisgen > Sent: Thursday, 27 May, 2010 12:21 > How do I encrypt SHA-1 hash value of my public certificate > with private key of my certificate? I assume you mean an RSA key, because that's the only kind that is certifi

RE: self-signed SSL certificates and trusted root certificate

2010-05-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Vieri > Sent: Friday, 28 May, 2010 03:08 > I'm trying to self-sign SSL certificates for corporate web > servers. It seems to work fine except for installing > the CA certificate into the client's "trusted root certificate store". > FYI: 's

RE: Openssl req command

2010-05-31 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jamrock > Sent: Sunday, 30 May, 2010 06:35 > In the past I have created my certificates as follows: > /etc/pki/tls/misc/CA -newca > > openssl req -newkey rsa:2048 -nodes -keyout newreq.pem -out newreq.pem > > /etc/pki/tls/misc/CA -sign > > T
