Re: ECDSA Private Keys

2020-01-12 Thread Stefan Mayr
On 09.01.2020 at 21:45, Christopher Schultz wrote: > DSA is almost never used. Nearly 100% of keys in the world are > plain-RSA or EC. I know of no CA that uses DSA for signing. So pretty > much every cert you will come across will be EC-with-RSA or > RSA-with-RSA (that's keytype-with-signature-ty

Re: ECDSA Private Keys

2020-01-12 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/10/20 2:07 PM, logo wrote: > Chris and Mark, > > >> On 09.01.2020 at 21:49, Christopher Schultz >> wrote: >> > All, > > On 1/9/20 3:45 PM, Christopher Schultz wrote: Mark and Peter, On 1/9/20 3:36 PM, Mark Thomas wr

Re: ECDSA Private Keys

2020-01-10 Thread logo
Chris and Mark, > On 09.01.2020 at 21:49, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > All, > > On 1/9/20 3:45 PM, Christopher Schultz wrote: >> Mark and Peter, >> >> On 1/9/20 3:36 PM, Mark Thomas wrote: >>> On 09/01/2020 20:22, logo wrote: M

Re: ECDSA Private Keys

2020-01-09 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 1/9/20 3:45 PM, Christopher Schultz wrote: > Mark and Peter, > > On 1/9/20 3:36 PM, Mark Thomas wrote: >> On 09/01/2020 20:22, logo wrote: >>> Mark, >>> On 09.01.2020 at 20:36, Mark Thomas wrote: On 02/01/2020 09:24,

Re: ECDSA Private Keys

2020-01-09 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark and Peter, On 1/9/20 3:36 PM, Mark Thomas wrote: > On 09/01/2020 20:22, logo wrote: >> Mark, >> >>> On 09.01.2020 at 20:36, Mark Thomas wrote: >>> >>> On 02/01/2020 09:24, logo wrote: >>> >>> >>> The connector comes up correctly, is

Re: ECDSA Private Keys

2020-01-09 Thread Mark Thomas
On 09/01/2020 20:22, logo wrote: > Mark, > >> On 09.01.2020 at 20:36, Mark Thomas wrote: >> >> On 02/01/2020 09:24, logo wrote: >> >> >> >>> The connector comes up correctly, is accessible through the browser but if >>> I test the ssl setup, I get an error message that the key/cert may not be

Re: ECDSA Private Keys

2020-01-09 Thread Mark Thomas
On 02/01/2020 09:24, logo wrote: > Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by > encryption strength I've been through these and this is the summary of the results. I'm testing OpenSSL master (although not updated for a while) and JSSE from AdoptOpenJDK 1.8.0_

Re: ECDSA Private Keys

2020-01-09 Thread logo
Mark, > On 09.01.2020 at 20:36, Mark Thomas wrote: > > On 02/01/2020 09:24, logo wrote: > > > >> The connector comes up correctly, is accessible through the browser but if I >> test the ssl setup, I get an error message that the key/cert may not be used >> for "Key agreement" >> >> See: >

Re: ECDSA Private Keys

2020-01-09 Thread Mark Thomas
On 02/01/2020 09:24, logo wrote: > The connector comes up correctly, is accessible through the browser but if I > test the ssl setup, I get an error message that the key/cert may not be used > for "Key agreement" > > See: > testssl.sh :8443 > > Signature Algorithm ECDSA with SHA256

Re: ECDSA Private Keys

2020-01-09 Thread Mark Thomas
On 08/01/2020 21:39, logo wrote: >> I have confirmed that this updated key then works cleanly with both the >> OpenSSL and JSSE TLS implementations. >> > > Felix already suggested that. I've tried it and at first it looks good. > Connector starts and serves the ECDSA cert. Sorry I missed that

Re: ECDSA Private Keys

2020-01-08 Thread logo
Hi Mark, > On 08.01.2020 at 19:04, Mark Thomas wrote: > > On 26/12/2019 23:55, logo wrote: > > > >> as an EC certificate will start with EC PRIVATE KEY. >> >> Is this something that is expected? ECDSA unsupported? Or just an incomplete >> implementation, edge case or a bug? > > Hi, > > S

Re: ECDSA Private Keys

2020-01-08 Thread Mark Thomas
On 26/12/2019 23:55, logo wrote: > as an EC certificate will start with EC PRIVATE KEY. > > Is this something that is expected? ECDSA unsupported? Or just an incomplete > implementation, edge case or a bug? Hi, Sorry for not getting to this sooner. I'm not 100% sure that Java directly suppo

Re: ECDSA Private Keys

2020-01-02 Thread logo
> On 02.01.2020 at 17:13, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Peter, > > On 1/2/20 04:24, logo wrote: > >> There may be an issue with the provided/available ciphers! >> >> The connector comes up correctly, is accessible through the brows

Re: ECDSA Private Keys

2020-01-02 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 1/2/20 04:24, logo wrote: > There may be an issue with the provided/available ciphers! > > The connector comes up correctly, is accessible through the browser > but if I test the ssl setup, I get an error message that the > key/cert may

Re: ECDSA Private Keys

2020-01-02 Thread logo
Felix, > On 01.01.2020 at 20:27, Felix Schumacher > wrote: > > >> On 01.01.20 at 18:19, logo wrote: >> Felix, >> On 01.01.2020 at 11:49, Felix Schumacher wrote: >>> >>> >>> On 27.12.19 at 17:36, logo wrote: Chris Am 2019-12-27 16:33, schrieb Christopher Sch

Re: ECDSA Private Keys

2020-01-01 Thread Felix Schumacher
On 01.01.20 at 18:19, logo wrote: > Felix, > >> On 01.01.2020 at 11:49, Felix Schumacher >> wrote: >> >> >> On 27.12.19 at 17:36, logo wrote: >>> Chris >>> >>> On 2019-12-27 16:33, Christopher Schultz wrote: >>> Peter, >>> >>> On 12/26/19 18:55, logo wrote: >> Hi Mark, >>> I hope it's

Re: ECDSA Private Keys

2020-01-01 Thread logo
Felix, > On 01.01.2020 at 11:49, Felix Schumacher > wrote: > > > On 27.12.19 at 17:36, logo wrote: >> Chris >> >> On 2019-12-27 16:33, Christopher Schultz wrote: >> Peter, >> >> On 12/26/19 18:55, logo wrote: > Hi Mark, >> >> I hope it's okay if I reply. :) >> >>> :-) >> >> >> >

Re: ECDSA Private Keys

2020-01-01 Thread Felix Schumacher
On 27.12.19 at 17:36, logo wrote: > Chris > > On 2019-12-27 16:33, Christopher Schultz wrote: > Peter, > > On 12/26/19 18:55, logo wrote: > >>> Hi Mark, > > I hope it's okay if I reply. :) > > > :-) > > > > >>> I just recently tested Step CA (smallstep.com) as an internal CA > >>> that provide

Re: ECDSA Private Keys

2019-12-27 Thread logo
Chris On 2019-12-27 16:33, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/26/19 18:55, logo wrote: Hi Mark, I hope it's okay if I reply. :) :-) I just recently tested Step CA (smallstep.com) as an internal CA that provides an internal ACME s

Re: ECDSA Private Keys

2019-12-27 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Peter, On 12/26/19 18:55, logo wrote: > Hi Mark, I hope it's okay if I reply. :) > I just recently tested Step CA (smallstep.com) as an internal CA > that provides an internal ACME service. > > After I deployed the created cert to my Tomcat (8.5.

ECDSA Private Keys

2019-12-26 Thread logo
Hi Mark, I just recently tested Step CA (smallstep.com) as an internal CA that provides an internal ACME service. After I deployed the created cert to my Tomcat (8.5.50 with adoptopenjdk 11) I noticed that while the openssl connector immediately started, the JSSE connector with the same cert