Forum

/ Home \ \ Subjects /



Subject: SSL/ TLS

30/10/2006 23:36 temujin:
Server doesn`t recognise "ca-path" and "ca-file" option. I did my own ca cert and server cert but i get errors in console windows when i fill the path for "ca-path".. Server cert does work fine but do i need to specify the ca certificate?
31/10/2006 05:02 Max:
Server translate "Certificate file", "Key file", "CA-Path"
"CA-file" params to OpenSSL library. The server do nothing with this. Probably you may direct CA-path and put your CA sertificates there.
I try some test with "Certificate file". To this file you may put more then one difficult sertificats, usualy OpenSSL will get it.
16/11/2006 03:39 temujin:
When i use SSL connectio with a 256bit(AES-256) server certificate it just encrypts data at 128b (RC4 128). Is it normal or due to a bad server config of my own? I tested the same cert with my vpn and with other SSL web server and it uses AES-256 encryption.
I`m still using smallsrv 305.48 version, should i upgrade to last version?

-Best Regards
16/11/2006 04:41 Max:
Old server version, but it is`t importan for this.

AES and RC4 it isn`t feature of sertificate it is the ciphers
Server and client side may support more then one chipers, and when conection establish both side chouse compatible algoritm.

The library seclib.dll that avilable on the site doesn`t content AES.
If your need AES you may rebuild this library. I know AES doesn`t included in basic OpenSSL 0.9.7, but it is open algoritm you may create your own implimentation, or get one with license that you like and build it to OpenSSL.

17/11/2006 00:57 temujin:
Thx, i`ll try! if i achieve it i`ll send you one copy with AES.

User: Password: New user:   Save password: