What is the MD5 Fingerprint field before the PEM data of a CA cert in ca-bundle.crt used for by consuming applications? When I enter the hash incorrectly, I find that I'm still able to use openssl to start a TLS session with a server whose cert is signed by that CA. Example: American Express CA MD5 Fingerprint: 1C:D5:8E:82:BE:70:55:8...
I am trying to compile a small .c file which uses OpenSSL includes, at first I had problems compiling but I solved it installing libssl-dev and that solved the include errors. But now when I try to compile I get: ‘ssl_conn’ has no member named ‘encrypted’ ‘ssl_conn’ has no member named ‘write_seq’ ‘ssl_conn’ has no member named ‘read_s...
The title basically says it all. I have a hexadecimal string representing a private key, and for me to be able to use it with OpenSSL, I need to be able to convert it to some format supported by OpenSSL, be it PEM or whatever. I know that one can read a PEM formatted key and print it out in a format like this: Private-Key: (102...
Hi experts, I know that LD_LIBRARY_PATH is evil and it's a good habit to avoid using it. I have a program called server.c on a remote Solaris 9 server that holds two versions of openssl library (0.9.8 and 1.0.0) and I'm using gcc 3.4.6. My program need to link to 1.0.0a version. Because it's work environment, I don't have the right to m...
I was looking for event callback function when OpenSSL has incoming 'Read' data. Does OpenSSL has this kind of function? If yes, could you please show me some example code please? I'm thinking to write a simple wrapper for my application. This wrapper will make a callback when data arrive. My initial thought would be create a thread loo...
I have a problem with Ruby's openssl library. Here is what I do: In my Rails application, I start the "./script/console", then type: >>OpenSSL::HMAC.hexdigest('sha256','','') gives me this error: TypeError: wrong argument (String)! (Expected kind of OpenSSL::Digest::Digest) from (irb):15:in `hexdigest' from (ir...
I'm working with an older version of OpenSSL, and I'm running into some behavior that has stumped me for days when trying to work with cross-platform code. I have code that calls OpenSSL to sign something. My code is modeled after the code in ASN1_sign, which is found in a_sign.c in OpenSSL, which exhibits the same issues when I use it....
Hi: I installed httpd-2.2.16 and openssl-1.0.0 on Red Hat Linux 5: when starting the Apache a 'undefined symbol: SSL_get_servername' message is generated on the command line. Listed below are the parameters used for the Apache installation (section A) and the generated error message when Apache is started (SECTION B). Can anyone point...
I have created a CA cert, and used it to issue a public key. At a date in the future, I need to verify that the certificate loaded was issued by my CA. How do I do that with the OpenSSL API (c++)? ...
I've been reading about the requirement that if OpenSSL is used in a multi-threaded application, you have to register a thread identification function (and also a mutex creation function) with OpenSSL. On Linux, according to the example provided by OpenSSL, a thread is normally identified by registering a function like this: static uns...
My Problem I compiled OpenSSL into QT to enable OpenSSL support. Everything appeared to go correctly in the compile. However, when I try to use the official HTTP example application that can be found here, everytime I try to download an https page, it will signal two QSslError, each with contents NoError. The types of QSslErrors, inclu...
I'm looking for a wamp/lamp development environment that supports OpenSSL out of the box so I can do things with https://. I'm not sure if OpenSSL is a feature of Apache or PHP, but I would rather not add that myself. If your development environment supports it, please add it here. ...
Hi, i have application with client-server architecture. client (C program): generate various DER encoded data convert DER to PEM (using openssl's PEM_write_bio) with various PEM header send PEM to server server (Perl script): receive PEM data convert PEM to DER .... My question is how to convert various PEM data to DER/BER (bin...
I want to generate a large (~2 kb), random, unique block of random text for use as an authentication token. Standard hashing functions produce results that are too short. Would it be OK to use openssl's private key generation function or is there more appropriate solution I should look at? ...
Hi, I'm writing a script to generate a CSR in Python. The script is very simple. I generate an RSA private key by using the following: keycmd = "openssl genrsa -out mykey.pem 2048" keyprocess = Popen(keycmd, shell=True, stdout=PIPE) csrcmd = "openssl req -new -key mykey.pem -subj "+ subj + " -out mycsr.csr" reqprocess = Popen(csrcmd, s...
Hi I am trying to get an sha-1 for a number of files. What I currently do is cycle the files in a given path, open and read each file separately and load the contents in a buffer and then send it to openssl's SHA function to get the hash. The code looks something like this: void ReadHashFile(LPCTSTR name) { FILE * pFile; long lSi...
I have been struggling with an SSL problem for more than 1 month. We have used openssl to generate our own CA, server and client certificates. We have also enable "SSLrequire" on the Apache web server (in htaccess this may be wrong), which means that anyone trying to connect through https on the server needs to present a valid certifica...
I followed the instrunction on this site http://paltman.com/2007/nov/15/getting-ssl-support-in-python-251/ to install openssl. When I go to test i get this as the output: test_rude_shutdown ... test_basic ... Segmentation fault How would I resolve this? ...
As stated in the title, I would like to import a key pair into Keychain Access. What I have done: Obtaining an RSA public / private key pair by using OpenSSH What I am going to do: Importing the key pair into the "login" keychain of Keychain Access Creating a CSR with OpenSSL Send the CSR to Apple for obtaining a developer...
Like in the title, I want to encrypt data, which is sent over network. Because I decided to use TCP and/or SCTP protocols I cannot use SSL/TLS. That's why I want to implement my own solution based on SSL idea. Two peers will exchange symmetric algorithm's key (AES0 using asymmetric algorithm (RSA) first and then continue communicatio...