[rabbitmq-discuss] SSL

• Previous message: [rabbitmq-discuss] SSL
• Next message: [rabbitmq-discuss] SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thank you again!

If I run the following command: 

	openssl asn1parse-in "DSISOFT1. Pem"

I get this:

  152: d = 3 hl = 2 l = 17 cons: SET
  154: d = 4 hl = 2 l = 15 cons: SEQUENCE
  156: d = 5 hl = 2 l = 3 prim: OBJECT: commonName
  161: d = 5 hl = 2 l = 8 prim: PrintableString: DSISOFT1

So after I executed: 

	openssl asn1parse -strparse 161 -in "DSISOFT1.pem"

And I get this:

Error in encoding
12172:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:.\crypto\as
n1\asn1_lib.c:142:

Is it because of this that I can not connect by SSL? The certificates are generated with Red Hat Certificate System 7.3, and we have been using them for years, so it is not easy to change or generate differently.

And I can establish the SSL with this:

	openssl s_server -accept 8443 ....
	openssl s_client -connect localhost:8443 .....


Thank you!




-----Mensaje original-----
De: Emile Joubert [mailto:emile at rabbitmq.com] 
Enviado el: viernes, 05 de abril de 2013 15:08
Para: SAG - Jonathan Andrés
CC: Discussions about RabbitMQ
Asunto: Re: [rabbitmq-discuss] SSL


Hi,

I will need more information about these sections:

On 05/04/13 13:29, SAG - Jonathan Andrés wrote:
>         SET
>         {
>             SEQUENCE
>             {
>                 OBJECT IDENTIFIER=Common Name (2.5.4.3)
>                 PRINTABLE STRING=DSISOFT1
>             }
>         }
>         SET
>         {
>             SEQUENCE
>             {
>                 OBJECT IDENTIFIER=0.9.2342.19200300.100.1.1
>                 PRINTABLE STRING=DSISOFT1
>             }
>         }

Can you please provide the bytes that corresponds with the output above?
The full output from dumpasn1 should contain the offset and length for each set. The Unix 'cut' command with parameter "-b" can be used to obtain the corresponding bytes. If you could please provide those in
base64 or uuencoded format. Sharing this information should not pose a security risk.

If you have problems with the suggested ASN.1 dumper then please free to use "openssl asn1parse" or the program of your choice.

Do you have any information about the software that generated this certificate?


-Emile

• Previous message: [rabbitmq-discuss] SSL
• Next message: [rabbitmq-discuss] SSL
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]