[openssl-users] regarding SSL security
R-D intern
Suman.Patro-TRN at lntebg.com
Fri Feb 12 17:37:29 UTC 2016
Thank you a lot, Jakob.I understood your answers and am quite satisfied too
that the replies sound conceptually right. But it would be kind on your part
if you answer some questions further.
1. Regarding question 3, I am using openssl 1.0.2e which supports named
curve. Such a question had earlier been asked in this forum which says ,
such a message is only misleading but the certificate works fine. Here is
the below
link:"http://openssl.6102.n7.nabble.com/ECC-Self-Signed-Certificate-td17042.html#a17047".But
I would like the certificate have a clean structure. How can that be done?
2.Regarding question 7, I am working to secure a middleware that will be
deployed in control and monitoring systems, hence there would be know
persons at the client side and the certificates I am using are self signed
ones created using openssl 1.0.2e , hence there will be no public CAs . In
such a scenario , how will the CA know that the private key has been
compromised? If the private key gets compromised, then even the certificate
can be forged ,then what is the use of CRL?
Kindly answer.
Thanks and regards,
Suman Patro
--
View this message in context: http://openssl.6102.n7.nabble.com/regarding-SSL-security-tp63504p63567.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list