On 5/24/2013 7:02 AM, Rahul Godbole wrote:
Hi,
Is there a way in which I get have all OpenSSL error messages being
printed in the syslog instead of console? Can I set some option or
something else in OpenSSL for that?
I am using OpenSSL 1.0.1c with fips 2.0.2.
If you are using the OpenSSL
Hello,
I want to use OpenSSL in one of my project. As the project will run on
production servers I'm wondering which branch should I use. Could you tell
me what's the difference between OpenSSL 1.0.0 and 1.0.1 ? I'm guessing
that 1.0.1 contains some experimental code, so is less suitable for
Hi Openssl developers,
In our product we are using openssl source to some of the security
development. In our old product we were using openssl-0.9.8l and the product
is now in market. In our new product we upgraded our source base with
openssl-1.0.1e, we didnt change any thing in our
Hi Jakob,
Thanks for your reply, please find the details given below and also please
look topic which I have posted in the same forum today with the title
openssl-1.0.1e RSA signature verification fails which will some more
details.
1. How many bits are your RSA public key (the modulus), this is
My product got hit by this bug too. ( it uses 0.9.8y branch). I understand
the fix is in main branch, but I am curious - will 0.9.8 be patched
eventually?
--
View this message in context:
Hi Openssl developers,
In our product we are using openssl source to some of the security
development. In our old product we were using openssl-0.9.8l and the product
is now in market. In our new product we upgraded our source base with
openssl-1.0.1e, we didnt change any thing in our
Hello everybody
I have to encrypt a zip file with pkcs7. But when I decrypt again, the zip is
corrupted and can't be opened. The zip contains a xml file, and encryption of
this file is no problem.
My command lines are:
smime -encrypt -in file.zip -out file.p7m -outform DER cert.pem
and
smime
Hi,
I have tried to generate self-signed certificates using the openssl.
While generating these certificates the private key is involved during the
certificate signing process by the rootCA.
1. What is the actual purpose of this private key?
2. why this private key is installed in the client
On Thu, May 23, 2013, no_spam...@yahoo.com wrote:
Can one use HMAC through EVP? If so, can someone point me to an example?
It seems that when the OpenSSL module is in FIPS mode, it doesn't like
programs using HMAC_*() functions directly:
OpenSSL internal error, assertion failed: Low
On Thu, May 23, 2013, Lavanya wrote:
Hi Openssl developers,
In our product we are using openssl source to some of the security
development. In our old product we were using openssl-0.9.8l and the product
is now in market. In our new product we upgraded our source base with
On Fri, May 24, 2013, Analogon Enterprise wrote:
Hello everybody
I have to encrypt a zip file with pkcs7. But when I decrypt again, the zip is
corrupted and can't be opened. The zip contains a xml file, and encryption of
this file is no problem.
My command lines are:
smime -encrypt
On 5/23/2013 10:49 AM, Krzysztof Kwiatkowski wrote:
Hello,
I want to use OpenSSL in one of my project. As the project will run on
production servers I'm wondering which branch should I use. Could you
tell me what's the difference between OpenSSL 1.0.0 and 1.0.1 ? I'm
guessing that 1.0.1
On Fri, May 24, 2013, Jakob Bohm wrote:
It should also be noted that the current FIPS certified module
(meaningful only for US Government use) is designed for use with
1.0.1, while the previous one was for version 0.9.7 , which gives
version 1.0.1 and artificially extended lifespan compared
Hi everyone,
Would there be interest/approval in prefixing [openssl-users] onto the
subject of messages from this list? This kind of thing is standard on
most mailing lists of this kind that I’ve seen.
It makes it easier to distinguish the “context” of a message
at-a-glance.
-F
Since I find it much easier to read the posts with NNTP, it doesn't
matter to me at all. The 'context' is in the name of the newsgroup.
What I'd like is a way to remain part of the group but not receive email
at all. I know it's technically possible, since other gmane newsgroups
work that
On 5/24/2013 9:47 AM, keshava jm wrote:
Hi,
I have tried to generate self-signed certificates using the openssl.
While generating these certificates the private key is involved during
the certificate signing process by the rootCA.
You are doing it wrong!
1. What is the actual purpose of
This is NOT a Gmame newsgroup. This is a mailing list run by the
openssl people using their own servers. Gmame just makes a copy in a
simulated newsgroup, but Gmame is not the real list, don't let them
fool you.
On 5/24/2013 4:29 PM, Ken Goldman wrote:
Since I find it much easier to read the
Hi Jakob
On Fri, May 24, 2013 at 11:57 AM, Jakob Bohm jb-open...@wisemo.com wrote:
On 5/24/2013 9:47 AM, keshava jm wrote:
[snip]
The intended and proper way to do things is:
1. The CA creates its own private key, which is kept in a very secure
place (like a computer with no network
The | command don't work for me in OpenSSL. Is it a shell thing?
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
The | command don't work for me in OpenSSL. Is it a shell thing?
Not enough details (heck not any) to answer. But yes, pipes are implemented by
the shell.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
__
ah.. sorry. i tried running this command openssl x509 -noout -modulus
-in server.crt | openssl md5 in openssl on windows and linux and it wont
pipe back to Openssl. it says unknown option |
On Fri, May 24, 2013 at 10:17 AM, Salz, Rich rs...@akamai.com wrote:
The | command don't work for me
Windows doesn't do pipes; you have to use temp files.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
_
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Salz, Rich
Sent: Friday, 24 May, 2013 14:05
To: openssl-users@openssl.org
Subject: RE: Pipe command not working
Windows doesn't do pipes; you have to use temp files.
Not true. IIRC the
I add the server certificate in PEM format to the SSL store using the following
call.
X509_STORE_add_cert(SSL_CTX_get_cert_store(pctx), x509cert);
The SSL_get_verify_result(SSL handle); always seems to return
error code 20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY.
Has anyone been able to
24 matches
Mail list logo