[openssl-users] regarding SSL security

R-D intern Suman.Patro-TRN at lntebg.com
Fri Feb 12 17:37:29 UTC 2016

Thank you a lot, Jakob.I understood your answers and am quite satisfied too
that the replies sound conceptually right. But it would be kind on your part
if you answer some questions further.

1. Regarding question 3, I am using openssl 1.0.2e which supports named
curve. Such a question had earlier been asked in this forum which says ,
such a message is only misleading but the certificate works fine. Here is
the below
I would like the certificate have a clean structure. How can that be done?

2.Regarding question 7, I am working to secure a middleware that will be
deployed in control and monitoring systems, hence there would be know
persons at the client side and  the certificates I am  using are self signed
ones created using openssl 1.0.2e , hence there will be no public CAs . In
such a scenario , how will the CA know that the private  key has been
compromised? If the private key  gets compromised, then even the certificate
can be forged ,then what is the use of CRL?
 Kindly answer. 
Thanks and regards,
Suman Patro

View this message in context: http://openssl.6102.n7.nabble.com/regarding-SSL-security-tp63504p63567.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

More information about the openssl-users mailing list