OpenSSL is an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements the basic cryptographic functions and provides various utility functions.
1
vote
1answer
40 views
how to update cURL openssl version for paypal IPN
I run Linux Debian 7
After hours of trying to get Paypal IPN I found out that you have to have at least 1.0.1 version of openssl.
The issue is server does have 1.0.1 version but cURL version is 0.9.8....
1
vote
1answer
125 views
You have security/openssl installed but do not have DEFAULT_VERSIONS+=ssl=openssl set in your make.conf
On FreeBSD, ever since I installed openssl explicitly I have the following message when I install most ports that require openssl:
/!\ WARNING /!\
You have security/openssl installed but do not have ...
1
vote
0answers
28 views
download file/backup from remote server to desktop without SSH or SCP?
Issue Background
I was trying to install uTorrent on my PHP site and mid-process I was kicked out of SSH and the website went down.
libssl.so.1.0.0 and libcrypto.so.1.0.0 were required for uTorrent ...
0
votes
1answer
37 views
How to make openssl encrypt passwords like php via command line
I have this php script (encrypt.php)
<?php
function encrypt($pure_string, $encryption_key, $encryptionMethod = "AES-256-CBC")
{
$iv = "3571984260";
$encrypted_string = ...
1
vote
1answer
19 views
Openssl p12 certificate storage extract individual certificates preserving names
I have a p12 storage of certificates, and there are a lot of certificates, they are related to a few different sites, so there are a lot of certs for one site. Im trying to extract them all in a way, ...
1
vote
3answers
53 views
How to encrypt a file with private key
I want to encrypt a file with a private key and decrypt it with a public key. A public key will be embedded in my app. So I want to have a guarantee that the file was created by me. How can I use gpg ...
0
votes
2answers
32 views
mass file encryption not working with openssl
I have bunch of log files which I am trying to encrypt with public/private key using openssl and save to my NAS but it is failing.
My log files are in the following path :
/var/SYSLOGS/hosts/...
0
votes
1answer
42 views
Where to find SSL private key on a CentOS server
I am running a server on CentOS, and I would like to decrypt and view the SSL traffic. However, I cannot locate any of the keys necessary to do this. My /etc/pki/CA/private folder is empty, and my /...
3
votes
0answers
61 views
two piped commands, each needs to read password from stdin
Is there a way to sensibly do this:
scp user@host:/path/to/file /dev/tty | openssl [options] | less
without creating a file, and without having to supply either password directly in arguments?
The ...
2
votes
1answer
237 views
Install OpenSSL from source [duplicate]
I installed OpenSSL from source by:
wget https://www.openssl.org/source/openssl-1.0.2h.tar.gz
tar -xvzf openssl-1.0.2h.tar.gz
cd openssl-1.0.2h/
./config --prefix=/usr/local/openssl --openssldir=/usr/...
0
votes
0answers
50 views
Unable to access CUPS /admin page. A TLS fatal alert has been received
We have several servers where the CUPS /admin interface is utilized. It was brought to my attention that several of them are no longer functional. The config is fairly simple and I cannot find a ...
3
votes
2answers
64 views
Can't generate client-side certificate after becoming my own Certificate Authority
I became my own certificate authority after running through the tutorial at: https://jamielinux.com/docs/openssl-certificate-authority/
I created a root pair, created an intermediate pair, and ...
1
vote
0answers
17 views
MIME RSA encryption
i have this scheme
how can i use session-key in MIME to encrypt the message?
i used this command but i don't think it is correct
openssl enc -e -des3 -salt -in MSg_sign.txt -out session.txt
can ...
0
votes
1answer
28 views
Convert PEM formatted public key to DER
I have a public key which is ASN.1 DER formatted shown below :
0:d=0 hl=3 l= 181 cons: SEQUENCE
3:d=1 hl=3 l= 144 cons: SEQUENCE
6:d=2 hl=2 l= 0 prim: ...
0
votes
0answers
23 views
how to install openssl fips on unix
I am new to OpenSSL and trying to install openssl-fips module.
Current version is openssl-1.0.1efips.
Steps performed ---
cd openssl-fips-2.0.12
./config
make
sudo make install
but it does not ...
0
votes
1answer
53 views
How to Make self-signed SSL .key/.crt for Localhost?
I did with a password and with the following fields
sudo openssl req -x509 -days 365 -newkey rsa:2048 -keyout /etc/ssl/apache.key \
-out /etc/ssl/apache.crt
Fields
Country: FI
State: Pirkanmaa
...
1
vote
1answer
59 views
SSL related “undefined reference” on libssh2 and libcurl libs when compiling C on OpenSUSE
I been trying to compile a C software but I'm getting 'undefined reference' over SSL libraries I think. The libraries it mentions are there, actually I compiled them all again: zlib + openssl + ...
0
votes
2answers
46 views
Verify SSLCertificateChainFile using OpenSSL
I encountered such issue on a server of a client as I did not know how to verify SSLCertificateChainFile among other certificates. I have a folder with a lot of SSL certificate keys and corresponding ...
1
vote
0answers
103 views
Unable to compile Linux Kernel 4.7-rc2
I was trying to compile Linux Kernel from source. I've compiled the kernel previously and never got any error. But this time I am facing an error. The error is
CHK include/generated/asm-...
3
votes
1answer
59 views
Enabling export cipher suites in Apache/OpenSSL
I would like to enable export cipher suites in Apache for the purpose of testing out some old vulnerabilities. I haven't been successful thus far, and would greatly appreciate some assistance.
My ...
18
votes
3answers
824 views
Untrusting an intermediate CA in Linux?
From this blog.
Intermediate CAs are certificates signed by a root CA that can sign arbitrary certificates for any websites.
They are just as powerful as root CAs, but there's no full list of ...
0
votes
1answer
99 views
how to convert base 64 encoded public key (.pem) to bytearray?
I need to convert a Base 64 encoded public key file in .pem format to byte array using openssl.
Need to convert public key from the below format:
----BEGIN PUBLIC KEY-----
...
-1
votes
2answers
41 views
I cannnot find ssl.conf for TLS1.2 install
I have a dedicated server with CENTOS 6.7, Apache/2.4.20 php 7 and i want to enable TLS1.2 for paypal payments. From this I understand that i need to add extra lines in ssl.conf
I looked for it in /...
0
votes
1answer
149 views
Can't update OpenSSL on Centos 6.4
I've got a Centos 6.4 system that I'm trying to patch OpenSSL for. Currently, yum reports "1.0.1e-16.el6_5.4" and openssl version shows "1.0.1e-fips". On my Ubuntu machines, I was able to update ...
4
votes
3answers
196 views
How to check for sslv2 from a remote server?
I have a server which I want to check if it supports sslv2.
from a remote machine I do the following:
openssl s_client -ssl2 -connect something.somethingcool.com:443
But this returns:
unknown ...
0
votes
0answers
67 views
How to use openssl to verify and decrypt a SAML2 response
I wish to see all parameters that are actually passed by my identity provider during a SAML2 single sign on process. The response sent by the IdP is signed and encrypted, I think I have all what is ...
0
votes
0answers
13 views
running command in Mobax Terminal are there plugins that are needed
while read CTFlist; do
#next we need to create ctfs padded with zeros as a variable
ctfPadded=$(printf ${ctflist}00000000)
#then call rc2 key as variable
rc2Key="TemporaryRC2Key1"
#next create a ...
3
votes
0answers
104 views
kerberos preauth pkinit failed to initialize: No realms configured correctly for pkinit support
I have successfully installed Kerberos on debian wheezy and can perform service authentication (Apache, ssh) with Kerberos tickets from kinit.
I would like to use certificates for kinit (pkinit) ...
1
vote
1answer
158 views
openssl does not load engine from config file
I'm using openssl-1.0.1f. And I'm trying to load the pkcs11 engine in the config file, but it doesn't work. Here is my config:
openssl_conf = openssl_def
[openssl_def]
engines = engine_section
[...
0
votes
1answer
23 views
Hex has unknown character / in the output
I need to create a Rc2Key variable and then convert this to hexadecimal. I have done this with two commands. The Rc2Key variable has to be 16 characters long, so in my test module I used "...
0
votes
1answer
65 views
openssl dgst -sha1 -hmac “key” producing an extraneous “(stdin)= ” prefix and trailing newline
if you run:
while read CTFid; do echo -n "$CTFid" | openssl dgst -sha1 -hmac "key"; done < CTFid.csv > OPKlist.csv
i am getting (stdin) in the prefix like so
(stdin)=...
2
votes
1answer
47 views
How do I specify a requirement for a minimum version of openssl in RPM spec file?
The rpm spec file for my package looks like this -
Requires:mysql-server >= 5.5.30, java >= 1.6, p7zip, openssl >= 1.0.2g
I have an RHEL system where the openssl version is this:
[ag@...
0
votes
1answer
2k views
How to update OpenSSL on centos 7.2?
I am using centos 7.2, I will intall Nginx-CT,and it needs OpenSSL 1.0.2,the current version is as follow:
[root@i001 ~]# rpm -qa|grep openssl
openssl-libs-1.0.1e-51.el7_2.4.x86_64
openssl-devel-1.0....
0
votes
0answers
40 views
Installing Plone 5-on-RHEL 7-fails-unable-to-find-libssl-or-openssl-ssl-h
sudo ./install.sh --target=/home/admin/Plone --build-python zeo
Error:
Unable to find libssl or openssl/ssl.h.
libssl and its development headers are required for Plone.
Please install your ...
0
votes
0answers
116 views
OpenSSL installation is missing the X509_VERIFY_PARAM function
I am trying to install clamav 0.99.1 on RedHat 7.3. My OpenSSL version is 1.0.1.
I am using the below command to install clamav:
./configure --prefix=/usr --with-user=defang --with-group=defang --...
0
votes
0answers
32 views
Nginx + CentOS 6 + OpenSSL Library - Update System Version
CentOS 6
I'm running Nginx which is built with an earlier version of OpenSSL:
Note: my linux skills aren't so strong with this kinda stuff so any advise or direction would be greatly appreciated.
...
0
votes
1answer
61 views
Error writing output file when I decryption files using openssl
I am working on an encrypted data set. And using the code below to decrypt files.
openssl enc -aes-256-cbc -d -in $encryptedfile -out $decrypted_file -pass file:secret.txt
But I am always notified ...
0
votes
1answer
123 views
openssl: unable to get local issuer certificate with some versions
With OpenSSL 1.0.2g (MacPorts on OS X) I can check Google's certificate (I have to specify the certificate bundle as OS X usually stores it in the KeyChain)
$ echo Q | /opt/local/bin/openssl ...
1
vote
0answers
32 views
Openvpn authentication fail caused by wrong system date time
I have a remote linux device connected as an openvpn client to an openvpn server over TCP,
with standard certificate authentication.
Unfortunately this device has lost the current system Date Time, ...
1
vote
1answer
467 views
Installing openssl on R
I'm trying to install openssl inside R, using install.packages('openssl'), but I'm getting an error message:
* installing *source* package ‘openssl’ ...
** package ‘openssl’ successfully unpacked and ...
0
votes
0answers
98 views
Configuring Apache with Openssl and Enabling FIPS mode causing fingerpoint error
Can someone please help me I have recently upgraded my apache from 2.4.12 to 2.4.18 and I have also updated the openssl 1.01e to 1.02f.
I followed the steps from here
I ran this command
./...
-1
votes
2answers
519 views
How can I upgrade OpenSSL version to openssl-1.0.1s in RHEL 5 machine?
My current openssl version is openSSL 0.9.8e-fips-rhel5. I want to upgrade this to openssl-1.0.1s. The yum update openssl will not work here.
I removed openssl binaries from following path
/usr/lib/...
4
votes
0answers
98 views
How to create large size encrypted file using openssl command
During the creation of an encrypted file in AIX, I received this error:
$ openssl enc -aes-256-cbc -salt -in test.img -out test.img.enc
test.img: Value too large to be stored in data type
14221428:...
0
votes
0answers
39 views
Problem when installing FADE on Ubuntu
I'm trying to install FADE (Secure Overlay Cloud Storage with File Assured Deletion) but i have some problems when i try to install it.
Here is the error.
root@GRayFox:/home/ahmed/fade-0.2# make
make:...
2
votes
1answer
71 views
How to convert open-ssl created private key to openssh private key?
I have created an open-ssl private key which I would like to use to connect to my server through ssh. The openssl key was generated during certificate creation and I have to use this key on putty. The ...
3
votes
1answer
215 views
Decoding ASN.1 messages using Openssl asn1parse tool
I am using openssl asn1parse tool over RHEL, I have my own ASN.1 abstract syntax file, called TestModule.asn1, when I am trying to parse a message using following command:
openssl asn1parse -inform ...
2
votes
0answers
107 views
OpenSSL converting chars to UTF-8 literals
I'm running a simple PKI web application in Php that uses OpenSSL shell commands and stores information in a text database. I have to deal with non-ASCII input characters (eg. German) but when a new ...
1
vote
1answer
2k views
Centos/RHEL 7: OpenSSL update not available
I have openssl 1.0.1e installed but its seems to be buggy based on this
But when I list out the updates for the system it doesn't list out 1.0.1q as suggested on above link.
Any idea how to install ...
-1
votes
1answer
110 views
trying a new 2016 openssl package, but still see the old 2012 version. Ubuntu 12.04
I'm trying to install a new 2016 open ssl package, but still see the old 2012 version, on Ubuntu 12.04 .
I have a bunch of Ubuntu 12.04 dedicated machines that can't connect to the internet. They're ...
0
votes
0answers
79 views
How do I install and configure NTP on CentOS 7 from source? (include/ntp_crypt.h errors)
I unpacked the .tar.gz file for the newest NTP. I installed the gcc compiler and libcap devel. I ran the ./configure command with various flags and options. I ran make check and found an error. The ...
