-- I have created my self signed CA (cert.pem) using following openssl commands
1) openssl req -config /etc/openssl.cnf -new -x509 -keyout private.key
-out cert.pem -days 8000 -passin pass:abcd -passout pass:abcd
2) openssl ca -updatedb -config /etc/openssl.cnf -keyfile private.key
-key abcd
.
HOW CAN I DO THIS USING API?
-
Saurabh
On 7/25/12, Saurabh Pandya er.saurabhpan...@gmail.com wrote:
-- I have created my self signed CA (cert.pem) using following openssl
commands
1) openssl req -config /etc/openssl.cnf -new -x509 -keyout private.key
-out cert.pem -days 8000
On 7/26/12, Puneet Khunteta khunteta.pun...@gmail.com wrote:
Hello Sukalp,
I have tried to use the code snippet provided by use . I am able to create
the ASN_object and get the data also.but the data is not in readable form.
I use X509 instead of X509V3.
Here is the code that i have used :
Do roughly the same thing apps/ca.c does, except you probably don't
need all its options but may want some other options:
Create an X509 and set all needed X509_CINF fields in that X509
to values that you either extract from the X509_REQ and approve,
or choose by your own logic (serial at
On 7/27/12, Saurabh Pandya er.saurabhpan...@gmail.com wrote:
Do roughly the same thing apps/ca.c does, except you probably don't
need all its options but may want some other options:
Create an X509 and set all needed X509_CINF fields in that X509
to values that you either extract from
Bang !! Thanks Dave,
I am agree with Sandy's comment about openssl API's documentation.
Thanks again,
Saurabh
On 7/28/12, Dave Thompson dthomp...@prinpay.com wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Saurabh Pandya
Sent: Friday, 27 July, 2012 10:21
On 7/27/12, Saurabh
On 7/28/12, Rita Rex Smith ritarexsm...@gmail.com wrote:
I am just getting started trying to figure out how to set up an SSL
certificate and key with PayPal to use for encrypted payments on my
website.
I am totally confused as to what I need to upload to them and how to figure
out if it is
You need to Add Root CA of your client certificate to BOTH, Chrome
anf Firefox
-
Saurabh
On 7/28/12, Tom Browder tom.brow...@gmail.com wrote:
I have almost succeeded in creating a client SSL factory with a local
CA starting with a StartSSL free server certificate.
I just created a client
Hi friends.
I want to rise one more question here,
What is the difference in generated server certificate (A),
If make using certificate request, or make directly (X509_REQ *csr
vs X509 *cert)
I have my OWN CA, its keys, I am making new certificate (A) from old
certificate (B).
Question
Hi all,
I am using server certificate X problematically with following API for each
SSL * session. X is dynamically generated for each client, when its CA(s)
as always same.
SSL_use_certificate(this_ssl, X);
It works fine when there is single CA certificate A who sign X,
but when I
On 8/3/12, Dr. Stephen Henson st...@openssl.org wrote:
On Fri, Aug 03, 2012, Saurabh Pandya wrote:
Hi all,
I am using server certificate X problematically with following API for
each
SSL * session. X is dynamically generated for each client, when its CA(s)
as always same
You need to get familiar yourself with openssl and (SSL).
Best way to start is documentation (SSL API) and use demos provided
with openssl source code.
On 8/16/12, Eric Fowler eric.fow...@gmail.com wrote:
I am a relative OpenSSL newbie, and I have had a task assigned to me
which entails some
As per my knowledge such thing man not happen..
may something go wrong with your code..
share your code if someone can look at up,
Thanks,
Saurabh
On 8/16/12, venkataragavan vijayakumar venkataragava...@gmail.com wrote:
Hi All,
We are running load through the openssl 1.0 DTLS connection ,
Thanks all...
On 8/23/12, Charles Mills charl...@mcn.org wrote:
Watch out for -endian issues.
--
Sent from my mobile phone. Please excuse my brevity.
Charles
Dr. Stephen Henson st...@openssl.org wrote:
On Thu, Aug 23, 2012, Saurabh Pandya wrote:
I found following definition
use
err = ERR_get_error();
to get error no
and use ERR_string(ec) to stringify
On 8/30/12, Mithun Kumar mithunsi...@gmail.com wrote:
Also when i use s_client tool it just hangs with following output. Any
input on how to get full handshake dump?
*vm-soniclx13(misingh): openssl
is as simple as below
const *errString = ERR_error_string(ERR_get_error(), NULL));
On 8/30/12, Mithun Kumar mithunsi...@gmail.com wrote:
Hello All,
I am using the function ERR_print_errors_fp() to get the last error in
case of any failure. I want to divert the output to file. When ever
?
-mithun
On Thu, Aug 30, 2012 at 3:58 PM, Saurabh Pandya
er.saurabhpan...@gmail.com wrote:
is as simple as below
const *errString = ERR_error_string(ERR_get_error(), NULL));
On 8/30/12, Mithun Kumar mithunsi...@gmail.com wrote:
Hello All,
I am using the function ERR_print_errors_fp
Indra
Make use of openssl api generation...
SSL_*
X509_*
You can write u r holy n simple server..
I am not sure u want for POSIX ?
I hope this will help u.
-
Saurabh Pandya
Sent from my Windows Phone
--
From: Salz, Rich rs...@akamai.com
Sent: 19-05-2013
your stuff is here..
http://www.openssl.org/docs/crypto/pem.html
happy reading !
On Mon, May 20, 2013 at 12:20 PM, Rahul Godbole rahulmg1...@gmail.comwrote:
Hi OpenSSL Users
Can someone tell me API using which I can convert certificates from one
format to another? I know that the openssl
cert.der to your fx in trusted root authorities
-
Thanks,
Saurabh Pandya
On Tue, Jun 18, 2013 at 4:39 PM, Carl Young carlyo...@keycomm.co.uk wrote:
Sorry for top-post - webmail :(
In TLS, the server should not send the root certificate - it sends the
chain up to, but not including, the root
and then
certificate creation
by X509_new)
--
Any indication/direction would be appreciate.
-
Thanks
Saurabh Pandya
__
OpenSSL Project http://www.openssl.org
User
Hi,
I am trying to build openssl-0.9.8za with openssl-fips-1.2, but with no
luck. Came to know from release notes, that openssl-0.9.8za have know
compilation issues with FIPS. I got below statement from release notes
FIPS capable link failure with missing symbol
: error: #error EC is disabled.
make[2]: *** [ec_lib.o] Error 1
-
Saurabh
On Wed, Jun 11, 2014 at 2:48 PM, Saurabh Pandya er.saurabhpan...@gmail.com
wrote:
Hi,
I am trying to build openssl-0.9.8za with openssl-fips-1.2, but with
no luck. Came to know from release notes, that openssl-0.9.8za
Hi Stephen,
I understand it got fixed with development version. I tried it its working
fine. But I want to build 0.9.8za with FIPS, and release notes says it
could be done by compiling openssl without EC algorithms,can you point me
out how can I do that ?
-
Saurabh
On Tue, Jun 10, 2014 at 8:23
Thanks you very much for prompt info.
What could be the end-user effect if I start using openssl with no-ec ?
(sorry for a silly question !!)
-
Saurabh
On Wed, Jun 11, 2014 at 5:17 PM, Dr. Stephen Henson st...@openssl.org
wrote:
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
Adding further I
To handle CA cert chain, you can use SSL_CTX_add_extra_chain_cert..
are you expect certificate form client ?
-
Saurabh
On Thu, Jun 12, 2014 at 7:09 AM, Hafedh TRIMECHE hafedh.trime...@gmail.com
wrote:
Hi,
I would implement an OpenSSL Server which can handle authentication
initiated by 2
Hi,
Is there any official information (weather its conformed, if yes then
avilable patches..etc) avilable on this vulnarability.
Qustion based on refrences below.
http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15401.html
may helps below,
https://www.mail-archive.com/openssl-users@openssl.org/msg31570.html
Depends what you want to achive with openssl, good to start with its
online documents.
-
Saurabh Pandya
On 7/14/14, Kay Shamsa kay.sha...@jci.com wrote:
Hi;
Can anybody please specify how I can use Open SSL
28 matches
Mail list logo