search for: s_server

Displaying 20 results from an estimated 38 matches for "s_server".

2018 Jul 30
2
2.3.2.1 - EC keys suppport?
>>>> I did some local testing and it seems that you are using a curve >>>> that is not acceptable for openssl as a server key. >>>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem >>>> -port 5555 >>>> using cert generated with brainpool. Everything works if I use >>>> prime256v1 or secp521r1. This is a limitation in OpenSSL and not >>>> something we can really do anything about. >>>&gt...
2000 Mar 07
2
rsaref usage
...nclude -DTHREADS -D_REENTRANT -DRSAref -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o -L. -L.. -L../.. -L../../.. -L.. -lssl -L.. -lcrypto -L/space/local/lib s_server.o: In function `sv_body': s_server.o(.text+0x10a4): undefined reference to `...
2011 Feb 27
2
opened OpenSSL port
Main question: is it safe, to open a port for an openssl server? e.g.: server side - generate a self-signed cert. time openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out mycert.pem openssl s_server -accept 52310 -cert mycert.pem Is it secure? - it could be DOSed' [DenialofService] or could it be attacked in any way? Are there any iptables rule for restricting connections to dyndns names? e.g.: only allow connection from "asdfasdf.dyndns.com" and "asdfasdf2.dyndns.com&...
2018 Jul 31
2
2.3.2.1 - EC keys suppport?
...ose interested - IETF RFC 7027 specifies for TLS use: >> >> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >> >> And thus t1 would not work anyway. However, having tested r1 the result >> was just the same. >> >> A tcpdump during the openssl test [ s_server | s_client ] then revealed >> (TLSv1.2 Record Layer: Handshake Protocol: Client Hello) : >> >> Extension: supported_groups (len=10) >> ??? Type: supported_groups (10) >> ??? Length: 10 >> ??? Supported Groups List Length: 8 >> ??? Supported Groups (4 groups...
2003 May 23
1
error with make clean in /usr/src
....h openssl/opensslconf.h openssl/evp.h xopenssl app_rand.o apps.o asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dhparam.o dsa.o dsaparam.o enc.o engine.o errstr.o gendh.o gendsa.o genrsa.o nseq.o ocsp.o openssl.o passwd.o pkcs12.o pkcs7.o pkcs8.o rand.o req.o rsa.o rsautl.o s_cb.o s_client.o s_server.o s_socket.o s_time.o sess_id.o smime.o speed.o spkac.o verify.o version.o x509.o CA.pl.1.gz asn1parse.1.gz ca.1.gz ciphers.1.gz crl.1.gz crl2pkcs7.1.gz dgst.1.gz dhparam.1.gz dsa.1.gz dsaparam.1.gz enc.1.gz gendsa.1.gz genrsa.1.gz nseq.1.gz ocsp.1.gz openssl.1.gz passwd.1.gz pkcs12.1.gz pkcs7.1.gz...
2003 Jun 13
1
Strange problem with "make clean"
....h openssl/opensslconf.h openssl/evp.h xopenssl app_rand.o apps.o asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dhparam.o dsa.o dsaparam.o enc.o engine.o errstr.o gendh.o gendsa.o genrsa.o nseq.o ocsp.o openssl.o passwd.o pkcs12.o pkcs7.o pkcs8.o rand.o req.o rsa.o rsautl.o s_cb.o s_client.o s_server.o s_socket.o s_time.o sess_id.o smime.o speed.o spkac.o verify.o version.o x509.o CA.pl.1.gz asn1parse.1.gz ca.1.gz ciphers.1.gz crl.1.gz crl2pkcs7.1.gz dgst.1.gz dhparam.1.gz dsa.1.gz dsaparam.1.gz enc.1.gz gendsa.1.gz genrsa.1.gz nseq.1.gz ocsp.1.gz openssl.1.gz passwd.1.gz pkcs12.1.gz pkcs7.1.gz...
2018 Jul 30
2
2.3.2.1 - EC keys suppport?
...ockquote type="cite"> <div> I did some local testing and it seems that you are using a curve that is not acceptable for openssl as a server key. </div> </blockquote> <blockquote type="cite"> <div> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem -port 5555 </div> </blockquote> <blockquote type="cite"> <div> using cert generated with brainpool. Everything works if I use prime256v1 or secp521r1. This is a limitation in OpenSSL and not something we can real...
2015 Aug 18
2
C5 recent openssl update breaks mysql SSL connection
...testing against openssl-0.9.8e-27.el5_10.1 > (from March 2014, nevertheless), which works. > > I would hazard a guess that this is the change causing your problem. > > * Fri Jun 26 2015 Tomas Mraz <tmraz at redhat.com> 0.9.8e-36 > - also change the default DH parameters in s_server to 1024 bits > > Here's some more info, > > https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ > > RH must have backported this fix to 0.9.8e. > > There seem to be many reports out there that the openssl update broke mysql, > but unfortuna...
2015 Aug 18
4
C5 recent openssl update breaks mysql SSL connection
In article <55D2ED32.6040000 at hogranch.com>, John R Pierce <pierce at hogranch.com> wrote: > On 8/18/2015 1:27 AM, Tony Mountifield wrote: > >> You should now be using mysql55 on CentOS-5, not mysql-5.0 > > That may well be the case, but isn't relevant to the point I'm making, > > which is that something changed in openssl-0.9.8e-36 that has broken
2018 Jul 30
3
2.3.2.1 - EC keys suppport?
...2KC/BOywJAGNHd > SF0PuAzqghQ7JKXqufjxKEyMMEu4H9HlH/h4lwX9hUO5EVDlCNqkcHHu9TCXBCmR > xT/8nuAtTycVigK88A== > -----END CERTIFICATE----- > > > I did some local testing and it seems that you are using a curve that is not acceptable for openssl as a server key. I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem -port 5555 using cert generated with brainpool. Everything works if I use prime256v1 or secp521r1. This is a limitation in OpenSSL and not something we can really do anything about. Aki Tuomi Open-Xchange Oy
2018 Jul 30
0
2.3.2.1 - EC keys suppport?
>> >>> I did some local testing and it seems that you are using a curve >>> that is not acceptable for openssl as a server key. >>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem >>> -port 5555 >>> using cert generated with brainpool. Everything works if I use >>> prime256v1 or secp521r1. This is a limitation in OpenSSL and not >>> something we can really do anything about. >>> Aki Tuomi >>...
2018 Jul 31
0
2.3.2.1 - EC keys suppport?
> Perhaps for whose interested - IETF RFC 7027 specifies for TLS use: > > [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] > > And thus t1 would not work anyway. However, having tested r1 the result > was just the same. > > A tcpdump during the openssl test [ s_server | s_client ] then revealed > (TLSv1.2 Record Layer: Handshake Protocol: Client Hello) : > > Extension: supported_groups (len=10) > ??? Type: supported_groups (10) > ??? Length: 10 > ??? Supported Groups List Length: 8 > ??? Supported Groups (4 groups) > ??????? Supported Gro...
2018 Jul 31
0
2.3.2.1 - EC keys suppport?
...27 specifies for TLS use: >>> >>> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >>> >>> And thus t1 would not work anyway. However, having tested r1 the result >>> was just the same. >>> >>> A tcpdump during the openssl test [ s_server | s_client ] then revealed >>> (TLSv1.2 Record Layer: Handshake Protocol: Client Hello) : >>> >>> Extension: supported_groups (len=10) >>> ??? Type: supported_groups (10) >>> ??? Length: 10 >>> ??? Supported Groups List Length: 8 >>> ??...
2018 Jul 31
2
2.3.2.1 - EC keys suppport?
...t;>>> >>>> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ] >>>> >>>> And thus t1 would not work anyway. However, having tested r1 the result >>>> was just the same. >>>> >>>> A tcpdump during the openssl test [ s_server | s_client ] then revealed >>>> (TLSv1.2 Record Layer: Handshake Protocol: Client Hello) : >>>> >>>> Extension: supported_groups (len=10) >>>> ??? Type: supported_groups (10) >>>> ??? Length: 10 >>>> ??? Supported Groups List L...
2005 Jul 27
2
TLS connections between Samba&OpenLDAP
Goos morning all, I compiled Samba 3.0.14a with OpenLDAP 2.1.22-0 directory. I then enabled TLS between Samba and OpenLDAP. The following tests succeeded: s_server to s_client --> OK slapd to s_client --> OK slapd to OPenLDAP client commands (ldapsearch..) --> OK The problem is the following: when I start Samba (service smb start), slapd output returns: TLS trace: SSL_accept:SSLv3 flush data tls_read: want=5, got=5 0000: 15 03 01...
2006 Jul 09
1
conflict error installing ghostscript
....9.7a-43.8 file /usr/share/man/man1/nseq.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/s_client.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/s_server.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/sslpasswd.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 Suggestions? thanks, -- ---------------------------------------...
2006 Jun 12
1
Conflict installing openssl.i386 with openssl.x86_64 on a x86_64 system
...nssl-0.9.7a-43.8 file /usr/share/man/man1/nseq.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/s_client.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/s_server.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 file /usr/share/man/man1/sslpasswd.1ssl.gz from install of openssl-0.9.7a-43.8 conflicts with file from package openssl-0.9.7a-43.8 Looks like the x86_64 and i386 openssl packages install their man pag...
2014 Jun 26
1
TLS/SSL for Win8 & Outlook
...le you are connected to their network." - From that description I would first check if this error means the basic TCP connection. No SSL stuff or something. > Seriously, Outlook (tried 2007 and 2013) use the MS Crypto API for > establishing the SSL connection. This works with openssl s_server but does > not with dovecot. Actually, as Jerry already wrote, some other program may interfere, e.g. an antivirus program that stalls the connection as soon as the connection changes from text to binary after the STARTTLS command. That's what we had problems with. Did you checked the c...
2007 Sep 28
2
OpenSSL bufffer overflow
I did not see any commits to the OpenSSL code, recently; is anybody going to commit the fix? See http://www.securityfocus.com/archive/1/480855/30/0 for details ... Regards, STefan
2011 Oct 09
1
using ecc-certificates (ellyptic curve) will not establish connection
...ating keys+cert for ecc (i.e. curves prime192v1, secp521r1) # openssl ecparam -name prime192v1 -genkey -out prime192v1.key # openssl req -new -key prime192v1.key -out prime192v1.csr # openssl req -x509 -in prime192v1.csr -key prime192v1.key -out prime192v1.crt testing these in 2 windows # openssl s_server -cert prime192v1.crt -key prime192v1.key -www # openssl s_client note: when using the default openssl version 0.9.8o-4squeeze3 you need to append -cipher ECCdraft output (cut) ... New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA Server public key is 192 bit Secure Renegotiation IS supported...