search for: cerfic

...risk because the key can be reproduced easily. Additionally, all (good) DSA keys that were ever used on a vulnerable Debian machine for signing or authentication should also be considered compromized due to a known attack on DSA keys. As a result of this bug, everyone should audit *every* key or cerficicate that was generated with OpenSSL, to trace its origin and make sure that it was not generated with a vulnerable Debian OpenSSL package. Or in the case of DSA keys care should be taken that they were not generated or used on a system with a vulnerable OpenSSL package. Keys that are potentially c...

...s i am generating requests for certificates to services such as LDAP,NNRPD and lately signing requests with CA. My approach is to import my own CA into Windows Vista OS as root CA and trusted, to avoid messages in clients such as "certificate could not be verified, certificate is not signed or cerficate authority cannot be verified". When i asked for help at openssl mailinglist i have recieved interesting answer : Just make sure your certificate is actually one "son" of your CA. > > It is right To make one CA cert with the 509 extensions set to CA > X509v3 Basic Con...

...risk because the key can be reproduced easily. Additionally, all (good) DSA keys that were ever used on a vulnerable Debian machine for signing or authentication should also be considered compromized due to a known attack on DSA keys. As a result of this bug, everyone should audit *every* key or cerficicate that was generated with OpenSSL, to trace its origin and make sure that it was not generated with a vulnerable Debian OpenSSL package. Or in the case of DSA keys care should be taken that they were not generated or used on a system with a vulnerable OpenSSL package. Keys that are potentially c...