Search Results

Search found 890 results on 36 pages for 'openssl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/36 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • RHEL 5.5 Yum Update Fails Dependency Error

    - by user65788
    I have 30 different RHEL 5.5 machines that will not update some 33 packages via Yum. Does anyone know why these packages will not install and how to correct this? Yum clean all does not fix the issue, however skip broken will allow other updates to install but I am really after a way to clear this up for good. They are stock boxes with RHEL subscription and not using any yum repositories other than Red Hat's own official repositories. They have not been updated for over a year! yum update Loaded plugins: rhnplugin, security rhel-i386-client-5 | 1.4 kB 00:00 rhel-i386-client-5/primary | 2.8 MB 00:09 rhel-i386-client-5 6607/6607 Skipping security plugin, no data Setting up Update Process Resolving Dependencies Skipping security plugin, no data --> Running transaction check ---> Package autofs.i386 1:5.0.1-0.rc2.143.el5_5.6 set to be updated ---> Package cpp.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: curl = 7.15.5-2.1.el5_3.5 for package: curl-devel ---> Package curl.i386 0:7.15.5-9.el5 set to be updated --> Processing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 for package: cyrus-sasl-devel ---> Package cyrus-sasl-lib.i386 0:2.1.22-5.el5_4.3 set to be updated ---> Package cyrus-sasl-md5.i386 0:2.1.22-5.el5_4.3 set to be updated ---> Package cyrus-sasl-plain.i386 0:2.1.22-5.el5_4.3 set to be updated --> Processing Dependency: db4 = 4.3.29-10.el5 for package: db4-devel ---> Package db4.i386 0:4.3.29-10.el5_5.2 set to be updated --> Processing Dependency: dbus = 1.1.2-12.el5 for package: dbus-devel ---> Package dbus.i386 0:1.1.2-14.el5 set to be updated ---> Package dbus-libs.i386 0:1.1.2-14.el5 set to be updated ---> Package dbus-x11.i386 0:1.1.2-14.el5 set to be updated ---> Package e2fsprogs.i386 0:1.39-23.el5_5.1 set to be updated --> Processing Dependency: e2fsprogs-libs = 1.39-23.el5 for package: e2fsprogs-devel ---> Package e2fsprogs-libs.i386 0:1.39-23.el5_5.1 set to be updated ---> Package esc.i386 0:1.1.0-12.el5 set to be updated --> Processing Dependency: expat = 1.95.8-8.2.1 for package: expat-devel ---> Package expat.i386 0:1.95.8-8.3.el5_5.3 set to be updated ---> Package firefox.i386 0:3.6.13-2.el5 set to be updated --> Processing Dependency: freetype = 2.2.1-21.el5_3 for package: freetype-devel ---> Package freetype.i386 0:2.2.1-28.el5_5.1 set to be updated --> Processing Dependency: gcc = 4.1.2-46.el5_4.1 for package: gcc-c++ --> Processing Dependency: gcc = 4.1.2-46.el5_4.1 for package: gcc-gfortran ---> Package gcc.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: gd = 2.0.33-9.4.el5_1.1 for package: gd-devel ---> Package gd.i386 0:2.0.33-9.4.el5_4.2 set to be updated --> Processing Dependency: gnome-vfs2 = 2.16.2-4.el5 for package: gnome-vfs2-devel ---> Package gnome-vfs2.i386 0:2.16.2-6.el5_5.1 set to be updated ---> Package gnome-vfs2-smb.i386 0:2.16.2-6.el5_5.1 set to be updated --> Processing Dependency: gnutls = 1.4.1-3.el5_3.5 for package: gnutls-devel ---> Package gnutls.i386 0:1.4.1-3.el5_4.8 set to be updated --> Processing Dependency: gtk2 = 2.10.4-20.el5 for package: gtk2-devel ---> Package gtk2.i386 0:2.10.4-21.el5_5.6 set to be updated --> Processing Dependency: hal = 0.5.8.1-52.el5 for package: hal-devel ---> Package hal.i386 0:0.5.8.1-59.el5 set to be updated --> Processing Dependency: krb5-libs = 1.6.1-36.el5 for package: krb5-devel ---> Package krb5-libs.i386 0:1.6.1-36.el5_5.6 set to be updated ---> Package krb5-workstation.i386 0:1.6.1-36.el5_5.6 set to be updated --> Processing Dependency: libXi = 1.0.1-3.1 for package: libXi-devel ---> Package libXi.i386 0:1.0.1-4.el5_4 set to be updated --> Processing Dependency: libXrandr = 1.1.1-3.1 for package: libXrandr-devel ---> Package libXrandr.i386 0:1.1.1-3.3 set to be updated --> Processing Dependency: libXt = 1.0.2-3.1.fc6 for package: libXt-devel ---> Package libXt.i386 0:1.0.2-3.2.el5 set to be updated --> Processing Dependency: libgfortran = 4.1.2-46.el5_4.1 for package: gcc-gfortran ---> Package libgfortran.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: libsepol = 1.15.2-2.el5 for package: libsepol-devel ---> Package libsepol.i386 0:1.15.2-3.el5 set to be updated --> Processing Dependency: libstdc++ = 4.1.2-46.el5_4.1 for package: gcc-c++ --> Processing Dependency: libstdc++ = 4.1.2-46.el5_4.1 for package: libstdc++-devel ---> Package libstdc++.i386 0:4.1.2-48.el5 set to be updated --> Processing Dependency: mesa-libGL = 6.5.1-7.7.el5 for package: mesa-libGL-devel ---> Package mesa-libGL.i386 0:6.5.1-7.8.el5 set to be updated --> Processing Dependency: mesa-libGLU = 6.5.1-7.7.el5 for package: mesa-libGLU-devel ---> Package mesa-libGLU.i386 0:6.5.1-7.8.el5 set to be updated --> Processing Dependency: newt = 0.52.2-12.el5_4.1 for package: newt-devel ---> Package newt.i386 0:0.52.2-15.el5 set to be updated --> Processing Dependency: nspr = 4.7.6-1.el5_4 for package: nspr-devel ---> Package nspr.i386 0:4.8.6-1.el5 set to be updated --> Processing Dependency: nss = 3.12.3.99.3-1.el5_3.2 for package: nss-devel ---> Package nss.i386 0:3.12.8-1.el5 set to be updated ---> Package nss-tools.i386 0:3.12.8-1.el5 set to be updated --> Processing Dependency: openldap = 2.3.43-3.el5 for package: openldap-devel ---> Package openldap.i386 0:2.3.43-12.el5_5.3 set to be updated ---> Package openldap-clients.i386 0:2.3.43-12.el5_5.3 set to be updated --> Processing Dependency: openssl = 0.9.8e-12.el5 for package: openssl-devel ---> Package openssl.i686 0:0.9.8e-12.el5_5.7 set to be updated --> Processing Dependency: pam = 0.99.6.2-6.el5 for package: pam-devel ---> Package pam.i386 0:0.99.6.2-6.el5_5.2 set to be updated --> Processing Dependency: popt = 1.10.2.3-18.el5 for package: rpm-devel --> Processing Dependency: popt = 1.10.2.3-18.el5 for package: rpm-build ---> Package popt.i386 0:1.10.2.3-20.el5_5.1 set to be updated --> Processing Dependency: python = 2.4.3-27.el5 for package: python-devel ---> Package python.i386 0:2.4.3-27.el5_5.3 set to be updated --> Processing Dependency: rpm = 4.4.2.3-18.el5 for package: rpm-devel --> Processing Dependency: rpm = 4.4.2.3-18.el5 for package: rpm-build ---> Package rpm.i386 0:4.4.2.3-20.el5_5.1 set to be updated --> Processing Dependency: rpm-libs = 4.4.2.3-18.el5 for package: rpm-devel --> Processing Dependency: rpm-libs = 4.4.2.3-18.el5 for package: rpm-build ---> Package rpm-libs.i386 0:4.4.2.3-20.el5_5.1 set to be updated ---> Package rpm-python.i386 0:4.4.2.3-20.el5_5.1 set to be updated ---> Package xulrunner.i386 0:1.9.2.13-3.el5 set to be updated ---> Package xulrunner-devel.i386 0:1.9.2.7-2.el5 set to be updated --> Processing Dependency: xulrunner = 1.9.2.7-2.el5 for package: xulrunner-devel --> Processing Dependency: nss-devel >= 3.12.6 for package: xulrunner-devel --> Processing Dependency: nspr-devel >= 4.8 for package: xulrunner-devel --> Processing Dependency: libnotify-devel for package: xulrunner-devel ---> Package yelp.i386 0:2.16.0-26.el5 set to be updated rhel-i386-client-5/filelists | 16 MB 00:45 --> Finished Dependency Resolution xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: libnotify-devel is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) mesa-libGLU-devel-6.5.1-7.7.el5.i386 from installed has depsolving problems --> Missing Dependency: mesa-libGLU = 6.5.1-7.7.el5 is needed by package mesa-libGLU-devel-6.5.1-7.7.el5.i386 (installed) python-devel-2.4.3-27.el5.i386 from installed has depsolving problems --> Missing Dependency: python = 2.4.3-27.el5 is needed by package python-devel-2.4.3-27.el5.i386 (installed) nss-devel-3.12.3.99.3-1.el5_3.2.i386 from installed has depsolving problems --> Missing Dependency: nss = 3.12.3.99.3-1.el5_3.2 is needed by package nss-devel-3.12.3.99.3-1.el5_3.2.i386 (installed) libstdc++-devel-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package libstdc++-devel-4.1.2-46.el5_4.1.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: nspr-devel >= 4.8 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) gcc-c++-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: xulrunner = 1.9.2.7-2.el5 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) nspr-devel-4.7.6-1.el5_4.i386 from installed has depsolving problems --> Missing Dependency: nspr = 4.7.6-1.el5_4 is needed by package nspr-devel-4.7.6-1.el5_4.i386 (installed) libXrandr-devel-1.1.1-3.1.i386 from installed has depsolving problems --> Missing Dependency: libXrandr = 1.1.1-3.1 is needed by package libXrandr-devel-1.1.1-3.1.i386 (installed) libsepol-devel-1.15.2-2.el5.i386 from installed has depsolving problems --> Missing Dependency: libsepol = 1.15.2-2.el5 is needed by package libsepol-devel-1.15.2-2.el5.i386 (installed) libXt-devel-1.0.2-3.1.fc6.i386 from installed has depsolving problems --> Missing Dependency: libXt = 1.0.2-3.1.fc6 is needed by package libXt-devel-1.0.2-3.1.fc6.i386 (installed) mesa-libGL-devel-6.5.1-7.7.el5.i386 from installed has depsolving problems --> Missing Dependency: mesa-libGL = 6.5.1-7.7.el5 is needed by package mesa-libGL-devel-6.5.1-7.7.el5.i386 (installed) openldap-devel-2.3.43-3.el5.i386 from installed has depsolving problems --> Missing Dependency: openldap = 2.3.43-3.el5 is needed by package openldap-devel-2.3.43-3.el5.i386 (installed) openssl-devel-0.9.8e-12.el5.i386 from installed has depsolving problems --> Missing Dependency: openssl = 0.9.8e-12.el5 is needed by package openssl-devel-0.9.8e-12.el5.i386 (installed) dbus-devel-1.1.2-12.el5.i386 from installed has depsolving problems --> Missing Dependency: dbus = 1.1.2-12.el5 is needed by package dbus-devel-1.1.2-12.el5.i386 (installed) newt-devel-0.52.2-12.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: newt = 0.52.2-12.el5_4.1 is needed by package newt-devel-0.52.2-12.el5_4.1.i386 (installed) gnome-vfs2-devel-2.16.2-4.el5.i386 from installed has depsolving problems --> Missing Dependency: gnome-vfs2 = 2.16.2-4.el5 is needed by package gnome-vfs2-devel-2.16.2-4.el5.i386 (installed) gnutls-devel-1.4.1-3.el5_3.5.i386 from installed has depsolving problems --> Missing Dependency: gnutls = 1.4.1-3.el5_3.5 is needed by package gnutls-devel-1.4.1-3.el5_3.5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) gd-devel-2.0.33-9.4.el5_1.1.i386 from installed has depsolving problems --> Missing Dependency: gd = 2.0.33-9.4.el5_1.1 is needed by package gd-devel-2.0.33-9.4.el5_1.1.i386 (installed) e2fsprogs-devel-1.39-23.el5.i386 from installed has depsolving problems --> Missing Dependency: e2fsprogs-libs = 1.39-23.el5 is needed by package e2fsprogs-devel-1.39-23.el5.i386 (installed) xulrunner-devel-1.9.2.7-2.el5.i386 from rhel-i386-client-5 has depsolving problems --> Missing Dependency: nss-devel >= 3.12.6 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) krb5-devel-1.6.1-36.el5.i386 from installed has depsolving problems --> Missing Dependency: krb5-libs = 1.6.1-36.el5 is needed by package krb5-devel-1.6.1-36.el5.i386 (installed) gcc-gfortran-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: libgfortran = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) curl-devel-7.15.5-2.1.el5_3.5.i386 from installed has depsolving problems --> Missing Dependency: curl = 7.15.5-2.1.el5_3.5 is needed by package curl-devel-7.15.5-2.1.el5_3.5.i386 (installed) pam-devel-0.99.6.2-6.el5.i386 from installed has depsolving problems --> Missing Dependency: pam = 0.99.6.2-6.el5 is needed by package pam-devel-0.99.6.2-6.el5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) expat-devel-1.95.8-8.2.1.i386 from installed has depsolving problems --> Missing Dependency: expat = 1.95.8-8.2.1 is needed by package expat-devel-1.95.8-8.2.1.i386 (installed) gcc-c++-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) gtk2-devel-2.10.4-20.el5.i386 from installed has depsolving problems --> Missing Dependency: gtk2 = 2.10.4-20.el5 is needed by package gtk2-devel-2.10.4-20.el5.i386 (installed) gcc-gfortran-4.1.2-46.el5_4.1.i386 from installed has depsolving problems --> Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) cyrus-sasl-devel-2.1.22-5.el5.i386 from installed has depsolving problems --> Missing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 is needed by package cyrus-sasl-devel-2.1.22-5.el5.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) db4-devel-4.3.29-10.el5.i386 from installed has depsolving problems --> Missing Dependency: db4 = 4.3.29-10.el5 is needed by package db4-devel-4.3.29-10.el5.i386 (installed) rpm-build-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) rpm-devel-4.4.2.3-18.el5.i386 from installed has depsolving problems --> Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) libXi-devel-1.0.1-3.1.i386 from installed has depsolving problems --> Missing Dependency: libXi = 1.0.1-3.1 is needed by package libXi-devel-1.0.1-3.1.i386 (installed) hal-devel-0.5.8.1-52.el5.i386 from installed has depsolving problems --> Missing Dependency: hal = 0.5.8.1-52.el5 is needed by package hal-devel-0.5.8.1-52.el5.i386 (installed) freetype-devel-2.2.1-21.el5_3.i386 from installed has depsolving problems --> Missing Dependency: freetype = 2.2.1-21.el5_3 is needed by package freetype-devel-2.2.1-21.el5_3.i386 (installed) Error: Missing Dependency: libgfortran = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: libsepol = 1.15.2-2.el5 is needed by package libsepol-devel-1.15.2-2.el5.i386 (installed) Error: Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: mesa-libGL = 6.5.1-7.7.el5 is needed by package mesa-libGL-devel-6.5.1-7.7.el5.i386 (installed) Error: Missing Dependency: mesa-libGLU = 6.5.1-7.7.el5 is needed by package mesa-libGLU-devel-6.5.1-7.7.el5.i386 (installed) Error: Missing Dependency: freetype = 2.2.1-21.el5_3 is needed by package freetype-devel-2.2.1-21.el5_3.i386 (installed) Error: Missing Dependency: hal = 0.5.8.1-52.el5 is needed by package hal-devel-0.5.8.1-52.el5.i386 (installed) Error: Missing Dependency: libXt = 1.0.2-3.1.fc6 is needed by package libXt-devel-1.0.2-3.1.fc6.i386 (installed) Error: Missing Dependency: openldap = 2.3.43-3.el5 is needed by package openldap-devel-2.3.43-3.el5.i386 (installed) Error: Missing Dependency: libstdc++ = 4.1.2-46.el5_4.1 is needed by package libstdc++-devel-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: nss-devel >= 3.12.6 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: newt = 0.52.2-12.el5_4.1 is needed by package newt-devel-0.52.2-12.el5_4.1.i386 (installed) Error: Missing Dependency: gnutls = 1.4.1-3.el5_3.5 is needed by package gnutls-devel-1.4.1-3.el5_3.5.i386 (installed) Error: Missing Dependency: gnome-vfs2 = 2.16.2-4.el5 is needed by package gnome-vfs2-devel-2.16.2-4.el5.i386 (installed) Error: Missing Dependency: libXrandr = 1.1.1-3.1 is needed by package libXrandr-devel-1.1.1-3.1.i386 (installed) Error: Missing Dependency: python = 2.4.3-27.el5 is needed by package python-devel-2.4.3-27.el5.i386 (installed) Error: Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-c++-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: libnotify-devel is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: openssl = 0.9.8e-12.el5 is needed by package openssl-devel-0.9.8e-12.el5.i386 (installed) Error: Missing Dependency: curl = 7.15.5-2.1.el5_3.5 is needed by package curl-devel-7.15.5-2.1.el5_3.5.i386 (installed) Error: Missing Dependency: xulrunner = 1.9.2.7-2.el5 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: nspr = 4.7.6-1.el5_4 is needed by package nspr-devel-4.7.6-1.el5_4.i386 (installed) Error: Missing Dependency: nss = 3.12.3.99.3-1.el5_3.2 is needed by package nss-devel-3.12.3.99.3-1.el5_3.2.i386 (installed) Error: Missing Dependency: popt = 1.10.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: libXi = 1.0.1-3.1 is needed by package libXi-devel-1.0.1-3.1.i386 (installed) Error: Missing Dependency: nspr-devel >= 4.8 is needed by package xulrunner-devel-1.9.2.7-2.el5.i386 (rhel-i386-client-5) Error: Missing Dependency: pam = 0.99.6.2-6.el5 is needed by package pam-devel-0.99.6.2-6.el5.i386 (installed) Error: Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: cyrus-sasl-lib = 2.1.22-5.el5 is needed by package cyrus-sasl-devel-2.1.22-5.el5.i386 (installed) Error: Missing Dependency: gtk2 = 2.10.4-20.el5 is needed by package gtk2-devel-2.10.4-20.el5.i386 (installed) Error: Missing Dependency: dbus = 1.1.2-12.el5 is needed by package dbus-devel-1.1.2-12.el5.i386 (installed) Error: Missing Dependency: db4 = 4.3.29-10.el5 is needed by package db4-devel-4.3.29-10.el5.i386 (installed) Error: Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-build-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: gcc = 4.1.2-46.el5_4.1 is needed by package gcc-gfortran-4.1.2-46.el5_4.1.i386 (installed) Error: Missing Dependency: expat = 1.95.8-8.2.1 is needed by package expat-devel-1.95.8-8.2.1.i386 (installed) Error: Missing Dependency: gd = 2.0.33-9.4.el5_1.1 is needed by package gd-devel-2.0.33-9.4.el5_1.1.i386 (installed) Error: Missing Dependency: krb5-libs = 1.6.1-36.el5 is needed by package krb5-devel-1.6.1-36.el5.i386 (installed) Error: Missing Dependency: rpm = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: rpm-libs = 4.4.2.3-18.el5 is needed by package rpm-devel-4.4.2.3-18.el5.i386 (installed) Error: Missing Dependency: e2fsprogs-libs = 1.39-23.el5 is needed by package e2fsprogs-devel-1.39-23.el5.i386 (installed) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The repolist is yum repolist all Loaded plugins: rhnplugin, security repo id repo name status rhel-debuginfo Red Hat Enterprise Linux 5Client - i386 - Deb disabled rhel-debuginfo-beta Red Hat Enterprise Linux 5Client Beta - i386 disabled rhel-i386-client-5 Red Hat Enterprise Linux Desktop (v. 5 for 32 enabled: 6,607 repolist: 6,607

    Read the article

  • Apache : Illegal override option FileInfo

    - by Kave
    I have installed a new Ubuntu 12.04 Server and setup Apache and MySQL. I am just trying to replicate what I have in my current server and came across one single problem. - FileInfo Within these two files below: /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default I need to add some overrides for the apache server. Original: <Directory /var/www/MySite> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> New: <Directory /var/www/MySite> Options Indexes FollowSymLinks MultiViews AllowOverride FileInfo, Indexes Order allow,deny allow from all </Directory> I have installed the following mods for Apache: sudo apt-get install lamp-server^ -y sudo apt-get install apache2.2-common apache2-utils openssl openssl-blacklist openssl-blacklist-extra -y sudo apt-get install curl libcurl3 libcurl3-dev php5-curl -y sudo apt-get install php5-tidy -y sudo apt-get install php5-gd -y sudo apt-get install php-apc -y sudo apt-get install memcached -y sudo apt-get install php5-memcache -y sudo a2enmod ssl sudo a2enmod rewrite sudo a2enmod headers sudo a2enmod expires sudo a2enmod php5 So When I do a restart with AllowOverride None, its all ok. sudo /etc/init.d/apache2 restart * Restarting web server apache2 ... waiting [OK] But as soon as I change the AllowOverride to FileInfo, Indexes Syntax error on line 11 of /etc/apache2/sites-enabled/000-default: Illegal override option FileInfo, Action 'configtest' failed. The Apache error log may have more information. ...fail! I can't see anything unusual in the error.log [Wed Jun 06 08:23:51 2012] [notice] caught SIGTERM, shutting down [Wed Jun 06 08:23:52 2012] [warn] RSA server certificate CommonName (CN) `mySite.com' does NOT match server name!? [Wed Jun 06 08:23:52 2012] [warn] RSA server certificate CommonName (CN) `mySite.com' does NOT match server name!? [Wed Jun 06 08:23:52 2012] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.1 with Suhosin-Patch mod_ssl/2.2.22 OpenSSL/1.0.1 configured -- resuming normal operations I get that warning because its a test server, nonetheless I get the same warning with AllowOverride None and yet it restarts the Apache server correctly. Therefore this warning should be harmless. Have I missed something? Thanks,

    Read the article

  • "No route to host" with ssl but not with telnet

    - by Clemens Bergmann
    I have a strange problem with connecting to a https site from one of my servers. When I type: telnet puppet 8140 I am presented with a standard telnet console and can talk to the Server as always: Connected to athena.hidden.tld. Escape character is '^]'. GET / HTTP/1.1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://athena.hidden.tld:8140/"><b>https://athena.hidden.tld:8140/</b></a></blockquote></p> <hr> <address>Apache/2.2.16 (Debian) Server at athena.hidden.tld Port 8140</address> </body></html> Connection closed by foreign host. But when I try to connect to the same host and port with ssl: openssl s_client -connect puppet:8140 It is not working connect: No route to host connect:errno=113 I am confused. At first it sounded like a firewall problem but this could not be, could it? Because this would also prevent the telnet connection. As Firewall I am using ferm on both servers. The systems are debian squeeze vm-boxes. [edit 1] Even when I try to connect directly with the IP address: openssl s_client -connect 198.51.100.1:8140 #address exchanged connect: No route to host connect:errno=113 Bringing down the firewalls on both hosts with service ferm stop is also not helping. But when I do openssl s_client -connect localhost:8140 on the server machine it is connecting fine. [edit 2] if I connect to the IP with telnet it also is not working. telnet 198.51.100.1 8140 Trying 198.51.100.1... telnet: Unable to connect to remote host: No route to host The confusion might come from IPv6. I have IPv6 on all my hosts. It seems that telnet uses IPv6 by default and this works. For example: telnet -6 puppet 8140 works but telnet -4 puppet 8140 does not work. So there seems to be a problem with the IPv4 route. openssl seems to only (or by default) use IPv4 and therefore fails but telnet uses IPv6 and succeeds.

    Read the article

  • How to generate, sign and import SSL certificate from Java

    - by Demiurg
    I need to generate a self signed certificates at run time, sign them and import to the Java keystore. I can do this using "keytool" and "openssl" from command line in the following way: keytool -import -alias root -keystore keystore.txt -file cacert.pem keytool -genkey -keyalg RSA -keysize 1024 -alias www.cia.gov -keystore keystore.txt keytool -keystore keystore.txt -certreq -alias www.cia.gov -file req.pem openssl x509 -req -days 3650 -in req.pem -CA cacert.pem -CAkey cakey.pem -CAcreateserial -out reqsigned.pem keytool -import -alias www.cia.gov -keystore keystore.txt -trustcacerts -file reqsigned.pem I can, of course, ship my application with keytool and openssl binaries and execute the above commands from Java, but I'm looking for a cleaner approach which would allow me to do all of the above using pure Java. Any libraries I can use ?

    Read the article

  • Passenger (mod-rails) can't find libopenssl-ruby

    - by flintinatux
    Trying to build an nginx server with Phusion Passenger on Ubuntu 11.10 (hurray for the new version!). Running "passenger-install-nginx-module" outputs the following error: * OpenSSL support for Ruby... not found With the following suggestion to fix it: * To install OpenSSL support for Ruby: Please run apt-get install libopenssl-ruby as root. Running "sudo apt-get install libopenssl-ruby" yields the following output: Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'libruby' instead of 'libopenssl-ruby' libruby is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. A little research shows that libruby is a virtual package that provides libopenssl-ruby as part of the package. However, the passenger-install-nginx-module script still can't find it, and keeps throwing the same error. Help me, please! I'm in a little over my head on this one, and the google-the-error-code method that usually works is failing me today.

    Read the article

  • Solved: Chrome v18, self signed certs and &ldquo;signed using a weak signature algorithm&rdquo;

    - by David Christiansen
    So chrome has just updated itself automatically and you are now running v18 – great. Or is it… If like me, you are someone that are running sites using a self-signed SSL Certificate (i.e. when running a site on a developer machine) you may come across the following lovely message; Fear not, this is likely as a result of you following instructions you found on the apache openssl site which results in a self signed cert using the MD5 signature hashing algorithm. The simple fix is to generate a new certificate specifying to use the SHA1 signature hashing algorithm, like so; openssl req -new -x509 -sha1 -nodes -out server.crt -keyout server.key Simples!

    Read the article

  • Can I configure Wndows NDES server to use Triple DES (3DES) algorithm for PKCS#7 answer encryption?

    - by O.Shevchenko
    I am running SCEP client to enroll certificates on NDES server. If OpenSSL is not in FIPS mode - everything works fine. In FIPS mode i get the following error: pkcs7_unwrap():pkcs7.c:708] error decrypting inner PKCS#7 139968442623728:error:060A60A3:digital envelope routines:FIPS_CIPHERINIT:disabled for fips:fips_enc.c:142: 139968442623728:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:557: That's because NDES server uses DES algorithm to encrypt returned PKCS#7 packet. I used the following debug code: /* Copy enveloped data from PKCS#7 */ bytes = BIO_read(pkcs7bio, buffer, sizeof(buffer)); BIO_write(outbio, buffer, bytes); p7enc = d2i_PKCS7_bio(outbio, NULL); /* Get encryption PKCS#7 algorithm */ enc_alg=p7enc->d.enveloped->enc_data->algorithm; evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm); printf("evp_cipher->nid = %d\n", evp_cipher->nid); The last string always prints: evp_cipher-nid = 31 defined in openssl-1.0.1c/include/openssl/objects.h #define SN_des_cbc "DES-CBC" #define LN_des_cbc "des-cbc" #define NID_des_cbc 31 I use 3DES algorithm for PKCS7 requests encryption in my code (pscep.enc_alg = (EVP_CIPHER *)EVP_des_ede3_cbc()) and NDES server accepts these requests, but it always returns answer encrypted with DES. Can I configure Wndows NDES server to use Triple DES (3DES) algorithm for PKCS#7 answer encryption?

    Read the article

  • XAMPP CURL not working!

    - by MiffTheFox
    Nope, it's not. Windows Vista Home Premium x32: Relevant section of php.ini: ; Windows Extensions ; Note that ODBC support is built in, so no dll is needed for it. ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) ; extension folders as well as the separate PECL DLL download (PHP 5). ; Be sure to appropriately set the extension_dir directive. ;extension=php_apc.dll ;extension=php_apd.dll ;extension=php_bcompiler.dll ;extension=php_bitset.dll ;extension=php_blenc.dll ;extension=php_bz2.dll ;extension=php_bz2_filter.dll ;extension=php_classkit.dll ;extension=php_cpdf.dll ;extension=php_crack.dll extension=php_curl.dll ;extension=php_cvsclient.dll ;extension=php_db.dll ;extension=php_dba.dll ;extension=php_dbase.dll ;extension=php_dbx.dll Proof it's not working: c:\users\miff>curl http://localhost/xampp/phpinfo.php | grep curl % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 62592 0 62592 0 0 1971k 0 --:--:-- --:--:-- --:--:-- 3319k <tr><td class="e">HTTP_USER_AGENT </td><td class="v">curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k zlib/1.2.3 libssh2/0.15-CVS </td></tr> <tr><td class="e">User-Agent </td><td class="v">curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k zlib/1.2.3 libssh2/0.15-CVS </td></tr> <tr><td class="e">_SERVER["HTTP_USER_AGENT"]</td><td class="v">curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k zlib/1.2.3 libssh2/0.15-CVS</td></tr> c:\users\miff>

    Read the article

  • package issue with ubuntu 10.10 and passenger requirements

    - by user368937
    I'm trying to get Passenger working with Ubuntu 10.10 and I'm running into a problem. It seems that the passenger installer is not recognizing the virtual package. I'm getting this error: Code: passenger-install-apache2-module ... * OpenSSL support for Ruby... not found ... And then it says, run this: * To install OpenSSL support for Ruby: Please run apt-get install libopenssl-ruby as root. When I run the above command, it refers to the libruby package: sudo apt-get install libopenssl-ruby Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'libruby' instead of 'libopenssl-ruby' libruby is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 43 not upgraded. When I look at the details for libruby, it says it provides libopenssl-ruby: Code: Provides: libbigdecimal-ruby, libcurses-ruby, libdbm-ruby, libdl-ruby, libdrb-ruby, liberb-ruby, libgdbm-ruby, libiconv-ruby, libopenssl-ruby, libpty-ruby, libracc-runtime-ruby, libreadline-ruby, librexml-ruby, libsdbm-ruby, libstrscan-ruby, libsyslog-ruby, libtest-unit-ruby, libwebrick-ruby, libxmlrpc-ruby, libyaml-ruby, libzlib-ruby And when I rerun the passenger installer, it gives the same error: Code: passenger-install-apache2-module ... * OpenSSL support for Ruby... not found ... Let me know if you need more info. How do I fix this?

    Read the article

  • Using secure proxies with Google Chrome

    - by cYrus
    Whenever I use a secure proxy with Google Chrome I get ERR_PROXY_CERTIFICATE_INVALID, I tried a lot of different scenarios and versions. The certificate I'm using a self-signed certificate: openssl genrsa -out key.pem 1024 openssl req -new -key key.pem -out request.pem openssl x509 -req -days 30 -in request.pem -signkey key.pem -out certificate.pem Note: this certificate works (with a warning since it's self-signed) when I try to setup a simple HTTPS server. The proxy Then I start a secure proxy on localhost:8080. There are a several ways to accomplish this, I tried: a custom Node.js script; stunnel; node-spdyproxy (OK, this involves SPDY too, but later... the problem is the same); [...] The browser Then I run Google Chrome with: google-chrome --proxy-server=https://localhost:8080 http://superuser.com to load, say, http://superuser.com. The issue All I get is: Error 136 (net::ERR_PROXY_CERTIFICATE_INVALID): Unknown error. in the window, and something like: [13633:13639:1017/182333:ERROR:cert_verify_proc_nss.cc(790)] CERT_PKIXVerifyCert for localhost failed err=-8179 in the console. Note: this is not the big red warning that complains about insecure certificates. Now, I have to admit that I'm quite n00b for what concerns certificates and such, if I'm missing some fundamental points, please let me know.

    Read the article

  • Forcing a particular SSL protocol for an nginx proxying server

    - by vitch
    I am developing an application against a remote https web service. While developing I need to proxy requests from my local development server (running nginx on ubuntu) to the remote https web server. Here is the relevant nginx config: server { server_name project.dev; listen 443; ssl on; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_pass https://remote.server.com; proxy_set_header Host remote.server.com; proxy_redirect off; } } The problem is that the remote HTTPS server can only accept connections over SSLv3 as can be seen from the following openssl calls. Not working: $ openssl s_client -connect remote.server.com:443 CONNECTED(00000003) 139849073899168:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 226 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- Working: $ openssl s_client -connect remote.server.com:443 -ssl3 CONNECTED(00000003) <snip> --- SSL handshake has read 1562 bytes and written 359 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 1024 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : SSLv3 Cipher : RC4-SHA <snip> With the current setup my nginx proxy gives a 502 Bad Gateway when I connect to it in a browser. Enabling debug in the error log I can see the message: [info] 1451#0: *16 peer closed connection in SSL handshake while SSL handshaking to upstream. I tried adding ssl_protocols SSLv3; to the nginx configuration but that didn't help. Does anyone know how I can set this up to work correctly?

    Read the article

  • Dynamic linking in Visual Studio

    - by ILya
    I have to link dynamically with OpenSSL libeay32.dll. I'm writing native c++ console application using Visual C++ Express 2008. I'm including a header evp.h from OpenSSL distribution. Building and...: error LNK2001: unresolved external symbol _EVP_aes_256_cbc error LNK2001: unresolved external symbol _EVP_DecryptInit error LNK2001: unresolved external symbol _EVP_CIPHER_CTX_init How to make calls to libeay32.dll methods? I don't know where to specify it's filename

    Read the article

  • How to specify a cipher for an SSL connection in .NET?

    - by dr. evil
    How can I specify a cipher suite to use in an SSL Connections? I know that Mentalis Seclib got this feature however they don't maintain the project as they say .NET Framework 2.0 introduced those features. However I couldn't find a way to do this in .NET Framework 3.5. To be more specific I want to connect an HTTPS service by using NULL cipher, I would do the same thing with OpenSSL by using the following command: openssl s_client -connect www.example.com:443 -cipher NULL How can I do this in .NET?

    Read the article

  • How do I build git on Red Hat EL 3?

    - by Steve Hanov
    When you try to build git on Red Hat Enterprise Linux 3, you get an error: In file included from /usr/include/openssl/ssl.h:179, from git-compat-util.h:139, from builtin.h:4, from fast-import.c:147: /usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory

    Read the article

  • EXMPP Buillding Error

    - by pradeepchhetri
    I am trying to install exmpp but while building i am getting the following error: exmpp_tls_openssl.c: In function 'init_library': exmpp_tls_openssl.c:622: error: 'SSL_OP_NO_TICKET' undeclared (first use in this function) exmpp_tls_openssl.c:622: error: (Each undeclared identifier is reported only once exmpp_tls_openssl.c:622: error: for each function it appears in.) make[2]: *** [exmpp_tls_openssl_la-exmpp_tls_openssl.lo] Error 1 I have openssl-dev and openssl both installed. Can someone please tell me what is the problem.

    Read the article

  • Encryption is hard: AES encryption to Hex

    - by Rob Cameron
    So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple: encrypt('string_to_encrypt','key','AES','HEX') What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately encryption is the most confusing computer science subject known to man. I found a couple helper methods that use the openssl library and give you a really simple encryption/decryption method. Here's the resulting string: "\370\354D\020\357A\227\377\261G\333\314\204\361\277\250" Which looks unicode-ish to me. I've tried several libraries to convert this to hex but they all say it contains invalid characters. Trying to unpack it results in this: string = "\370\354D\020\357A\227\377\261G\333\314\204\361\277\250" string.unpack('U') ArgumentError: malformed UTF-8 character from (irb):19:in `unpack' from (irb):19 At the end of the day it's supposed to look like this (the output of the ColdFusion encrypt method): F8E91A689565ED24541D2A0109F201EF Of course that's assuming that all the padding, initialization vectors, salts, cypher types and a million other possible differences all line up. Here's the simple script I'm using to encrypt/decrypt: def aes(m,k,t) (aes = OpenSSL::Cipher::Cipher.new('aes-256-cbc').send(m)).key = Digest::SHA256.digest(k) aes.update(t) << aes.final end def encrypt(key, text) aes(:encrypt, key, text) end def decrypt(key, text) aes(:decrypt, key, text) end Any help? Maybe just a simple option I can pass to OpenSSL::Cipher::Cipher that will tell it to hex-encode the final string?

    Read the article

  • package issue with ubuntu 10.10 and passenger requirements

    - by user368937
    I'm trying to get Passenger working with Ubuntu 10.10 and I'm running into a problem. It seems that the passenger installer is not recognizing the virtual package. I'm getting this error: Code: passenger-install-apache2-module ... * OpenSSL support for Ruby... not found ... And then it says, run this: * To install OpenSSL support for Ruby: Please run apt-get install libopenssl-ruby as root. When I run the above command, it refers to the libruby package: sudo apt-get install libopenssl-ruby Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'libruby' instead of 'libopenssl-ruby' libruby is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 43 not upgraded. When I look at the details for libruby, it says it provides libopenssl-ruby: Code: Provides: libbigdecimal-ruby, libcurses-ruby, libdbm-ruby, libdl-ruby, libdrb-ruby, liberb-ruby, libgdbm-ruby, libiconv-ruby, libopenssl-ruby, libpty-ruby, libracc-runtime-ruby, libreadline-ruby, librexml-ruby, libsdbm-ruby, libstrscan-ruby, libsyslog-ruby, libtest-unit-ruby, libwebrick-ruby, libxmlrpc-ruby, libyaml-ruby, libzlib-ruby And when I rerun the passenger installer, it gives the same error: Code: passenger-install-apache2-module ... * OpenSSL support for Ruby... not found ... Let me know if you need more info. How do I fix this?

    Read the article

  • Create a SSL certificate on Windows

    - by Ben Fransen
    Hi all, Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out. I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver. I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit. The manual provides two commands which have to be executed in order to create a RSA key and a certificate. The commands are: openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024 and openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key? Any help is much appreciated! Ben

    Read the article

  • TLS with SNI in Java clients

    - by ftrotter
    There is an ongoing discussion on the security and trust working group for NHIN Direct regarding the IP-to-domain mapping problem that is created with traditional SSL. If an HISP (as defined by NHIN Direct) wants to host thousands of NHIN Direct "Health Domains" for providers, then it will an "artificially inflated cost" to have to purchase an IP for each of those domains. Because Apache and OpenSSL have recently released TLS with support for the SNI extension, it is possible to use SNI as a solution to this problem on the server side. However, if we decide that we will allow server implementations of the NHINDirect transport layer to support TLS+SNI, then we must require that all clients support SNI too. OpenSSL based clients should do this by default and one could always us stunnel to implement an TLS+SNI aware client to proxy if your given programming language SSL implementation does not support SNI. It appears that native Java applications using OpenJDK do not yet support SNI, but I cannot get a straight answer out of that project. I know that there are OpenSSL Java libraries available but I have no idea if that would be considered viable. Can you give me a "state of the art" summary of where TLS+SNI support is for Java clients? I need a Java implementers perspective on this.

    Read the article

  • Paypal Encrypted Website payments

    - by John Isaacks
    I am trying to integrate a PayPal Website Payments Standard Cart Upload payment type into my shopping cart. I integrated Google Checkout a while back and I did not find it overly confusing as I do paypal. I am getting info on how to encrypt it from here: https://cms.paypal.com/us/cgi-bin/?&cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments#id08A3I0P017Q Paypal says I need to generate a private key and a public certificate using OpenSSL. I went to OpenSSL and downloaded the latest release, which is just a folder containing various files but I see no application I can use, not sure what to do here. Even if I were to get OpenSSL to generate me a private key and public cert, the next step is to download either an MS or Java command line tool to create the encrypted cart ahead of time with the cart-total, tax, etc. which sounds crazy to me, like I am supposed to manually do this prior to every order?? Obviously I do not know the items in the cart the customer is going to buy before hand so I need this to be done on the fly on my website using PHP. But I am completely lost. There has to be a way to setup dynamic secure cart uploads to paypal. Can someone please point me in the right direction?

    Read the article

  • Load PEM encoded private RSA key in Crypto++

    - by 01100110
    Often times, user will have PEM encoded RSA private keys. Crypto++ requires that these keys be in DER format to load. I've been asking people to manually convert their PEM files to DER beforehand using openssl like this: openssl pkcs8 -in in_file.pem -out out_file.der -topk8 -nocrypt -outform der That works fine, but some people don't understand how to do that nor do they want to. So I would like to convert PEM files to DER files automatically within the program. Is it as simple as striping the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" from the PEM or is some other transformation required as well? I've been told that between those markers that it's just b64 encoded DER. Here's some code that demonstrates the issue: // load the private key CryptoPP::RSA::PrivateKey PK; CryptoPP::ByteQueue bytes; try { CryptoPP::FileSource File( rsa.c_str(), true, new CryptoPP::Base64Decoder() ); File.TransferTo( bytes ); bytes.MessageEnd(); // This line Causes BERDecodeError when a PEM encoded file is used PK.Load( bytes ); } catch ( CryptoPP::BERDecodeErr ) { // Convert PEM to DER and try to load the key again } I'd like to avoid making system calls to openssl and do the transformation entirely in Crypto++ so that users can provide either format and things "just work". Thanks for any advice.

    Read the article

  • How do I enable ciphers for NSS?

    - by Cody
    I am trying to use curl built with NSS (not built with OpenSSL) on Fedora 14 to connect to a webpage over https. The server to which I am connecting (example.com) uses the RC4-SHA cipher for its SSL. Whenever I try to connect to example.com, I get the NSS error SSL_ERROR_NO_CYPHER_OVERLAP. I can connect via curl on this computer to example-2.com which has the DHE-RSA-AES256-SHA cipher. I can connect to example.com from a different computer that has curl built with OpenSSL. How do I find out which ciphers are enabled on NSS and how do I enable the RC4-SHA cipher on NSS?

    Read the article

  • Nginx compiled --with-http_spdy_module yet raise errors complains ngx_http_spdy_module

    - by c19
    [emerg] 21101#0: the "spdy" parameter requires ngx_http_spdy_module in /etc/nginx/conf.d/cc.conf isn't it the same module? and it causes multi-redirection error too. I have no idea what is going on. Full configure arg: nginx version: nginx/1.4.2 built by gcc 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' --with-pcre --with-http_ssl_module `--with-http_spdy_module` --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --with-openssl=/usr/local/src/openssl-1.0.1e

    Read the article

  • SSL connection errors from Apache

    - by Yang
    I'm running a (self-signed) SSL cert site on Apache/2.2.14 on Ubuntu 10.04, but various browsers are giving errors on half the connection attempts. Just now saw this transient error from Chrome: "Error 126 (net::ERR_SSL_BAD_RECORD_MAC_ALERT): Unknown error." Hit refresh and the problem goes away for a while. wget too: $ wget --no-check-certificate https://dev.foo.com/deps/ --2010-09-08 19:30:26-- https://dev.foo.com/deps/ Resolving dev.foo.com... 184.72.53.220 Connecting to dev.foo.com|184.72.53.220|:443... connected. OpenSSL: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 OpenSSL: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed OpenSSL: error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature Unable to establish SSL connection. Run it right away again and it works: $ wget --no-check-certificate https://dev.foo.com/deps/ --2010-09-08 19:30:29-- https://dev.foo.com/deps/ Resolving dev.foo.com... 184.72.53.220 Connecting to dev.foo.com|184.72.53.220|:443... connected. WARNING: cannot verify dev.foo.com's certificate, issued by `/CN=dev.foo.com': Self-signed certificate encountered. HTTP request sent, awaiting response... 200 OK Length: 3157 (3.1K) [text/html] Saving to: `index.html' 100%[======================================>] 3,157 --.-K/s in 0s 2010-09-08 19:30:29 (48.6 MB/s) - `index.html' saved [3157/3157] In my sites-enabled/default-ssl: SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key The cert: -----BEGIN CERTIFICATE----- MIIBszCCARwCCQCa0TzNwqLgsTANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNk ZXYucGFydHlvbmRhdGEuY29tMB4XDTEwMDgyNzA2MzA1N1oXDTIwMDgyNDA2MzA1 N1owHjEcMBoGA1UEAxMTZGV2LnBhcnR5b25kYXRhLmNvbTCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAzXDEULpCUqIc9hV/ESFapkckR2uoYINA81DvG2aQZ9Ot Q30OwX2ae2CC4bSzJEIVlahU8vjVrWpmpa28NEhQbqh4ywwbl1XDrEVYI6Gkfimf snJhOKyaVrEhlwutYtBjmsz3ZIqwymMPm/6smVcSS5dJIynlSmtltxX6ivPcO8UC AwEAATANBgkqhkiG9w0BAQUFAAOBgQBGxHVkpSSOnZjzuySRepjhAlV/yhe9Fx23 fh12WrjQMEi98B7JEuNSLXDWckUN7O6XRc3RzKmazcGHJqzhn0Ov6gAmAE2XjZ/x VW21xmaLwk+KgYKFJbJJaP3jMSpU7I3aa11wqAkR2Zd4Nkm9N0YXYIzcBdfztTVI Et8mEHBFdg== -----END CERTIFICATE----- The cert is in turn generated via: $ make-ssl-cert generate-default-snakeoil --force-overwrite Apache version. $ apache2 -V Server version: Apache/2.2.14 (Ubuntu) Server built: Apr 13 2010 20:22:19 Server's Module Magic Number: 20051115:23 Server loaded: APR 1.3.8, APR-Util 1.3.9 Compiled using: APR 1.3.8, APR-Util 1.3.9 Architecture: 64-bit Server MPM: Worker threaded: yes (fixed thread count) forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/worker" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="" -D SUEXEC_BIN="/usr/lib/apache2/suexec" -D DEFAULT_PIDLOG="/var/run/apache2.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types" -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf" I don't administer the network, hardware, etc. - this is all running on Amazon EC2. I'm not running a load-balancer or anything else in front of the server. I'm making direct TCP connections to that host (AFAIK). Any ideas? Thanks in advance for any help.

    Read the article

  • SSL connection errors from Apache

    - by Yang
    I'm running a (self-signed) SSL cert site on Apache/2.2.14 on Ubuntu 10.04, but various browsers are giving errors on half the connection attempts. Just now saw this transient error from Chrome: "Error 126 (net::ERR_SSL_BAD_RECORD_MAC_ALERT): Unknown error." Hit refresh and the problem goes away for a while. wget too: $ wget --no-check-certificate https://dev.partyondata.com/deps/ --2010-09-08 19:30:26-- https://dev.partyondata.com/deps/ Resolving dev.partyondata.com... 184.72.53.220 Connecting to dev.partyondata.com|184.72.53.220|:443... connected. OpenSSL: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 OpenSSL: error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed OpenSSL: error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature Unable to establish SSL connection. Run it right away again and it works: $ wget --no-check-certificate https://dev.partyondata.com/deps/ --2010-09-08 19:30:29-- https://dev.partyondata.com/deps/ Resolving dev.partyondata.com... 184.72.53.220 Connecting to dev.partyondata.com|184.72.53.220|:443... connected. WARNING: cannot verify dev.partyondata.com's certificate, issued by `/CN=dev.partyondata.com': Self-signed certificate encountered. HTTP request sent, awaiting response... 200 OK Length: 3157 (3.1K) [text/html] Saving to: `index.html' 100%[======================================>] 3,157 --.-K/s in 0s 2010-09-08 19:30:29 (48.6 MB/s) - `index.html' saved [3157/3157] In my sites-enabled/default-ssl: SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key The cert: -----BEGIN CERTIFICATE----- MIIBszCCARwCCQCa0TzNwqLgsTANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNk ZXYucGFydHlvbmRhdGEuY29tMB4XDTEwMDgyNzA2MzA1N1oXDTIwMDgyNDA2MzA1 N1owHjEcMBoGA1UEAxMTZGV2LnBhcnR5b25kYXRhLmNvbTCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAzXDEULpCUqIc9hV/ESFapkckR2uoYINA81DvG2aQZ9Ot Q30OwX2ae2CC4bSzJEIVlahU8vjVrWpmpa28NEhQbqh4ywwbl1XDrEVYI6Gkfimf snJhOKyaVrEhlwutYtBjmsz3ZIqwymMPm/6smVcSS5dJIynlSmtltxX6ivPcO8UC AwEAATANBgkqhkiG9w0BAQUFAAOBgQBGxHVkpSSOnZjzuySRepjhAlV/yhe9Fx23 fh12WrjQMEi98B7JEuNSLXDWckUN7O6XRc3RzKmazcGHJqzhn0Ov6gAmAE2XjZ/x VW21xmaLwk+KgYKFJbJJaP3jMSpU7I3aa11wqAkR2Zd4Nkm9N0YXYIzcBdfztTVI Et8mEHBFdg== -----END CERTIFICATE----- The cert is in turn generated via: $ make-ssl-cert generate-default-snakeoil --force-overwrite Apache version. $ apache2 -V Server version: Apache/2.2.14 (Ubuntu) Server built: Apr 13 2010 20:22:19 Server's Module Magic Number: 20051115:23 Server loaded: APR 1.3.8, APR-Util 1.3.9 Compiled using: APR 1.3.8, APR-Util 1.3.9 Architecture: 64-bit Server MPM: Worker threaded: yes (fixed thread count) forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/worker" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="" -D SUEXEC_BIN="/usr/lib/apache2/suexec" -D DEFAULT_PIDLOG="/var/run/apache2.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types" -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf" Any ideas? Thanks in advance for any help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >