OpenSSL

Version: 
1.0.2o
Release date: 
Thursday, 31 May, 2018

License:

Interface:

Authors/Port authors:

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

Port by different authors.

This software is distributed in two modes:
  • as compressed package that you have to download and manually install; if prerequisites are required, you will have to manually install them too;
  • as RPM package; you can install it using your favorite rpm package manager, that will take care to download and install both the software and its prerequisites.
Choose the installation mode that you prefer. Please note that not all the versions are available in both the installation modes.

Installation with rpm

This program is installable using the rpm package manager. See below for the install string. Required prerequisites are automatically processed by the package manager and, if needed, downloaded and installed.

openssl-libs-1.0.2o-1.oc00 (31/05/2018)
Repository: Netlabs stable
Install with ANPM or running the command:
yum install openssl-libs
openssl-perl-1.0.2o-1.oc00 (31/05/2018)
Repository: Netlabs stable
Install with ANPM or running the command:
yum install openssl-perl
openssl-static-1.0.2o-1.oc00 (31/05/2018)
Repository: Netlabs stable
Install with ANPM or running the command:
yum install openssl-static
openssl-1.0.2o-1.oc00 (31/05/2018)
Repository: Netlabs stable
Install with ANPM or running the command:
yum install openssl
openssl-devel-1.0.2o-1.oc00 (31/05/2018)
Repository: Netlabs stable
Development files for openssl, not needed by the end user. Install with ANPM or running the command:
yum install openssl-devel

Manual installation

Program is distributed as ZIP package: download to temporary directory and unpack to destination folder. See below for download link(s).

  1. unzip runtime-zip into some directory
  2. unzip dev-zip into the same directory (if you need the development toolkit)
  3. add '(the directory)\bin' to PATH
  4. add '(the directory)\dll' to LIBPATH
  5. set the environment variable OPENSSL_CONF to point'ssl/openssl.cnf'
    set OPENSSL_CONF=(the directory)\ssl\openssl.cnf

You can install the prerequisites with rpm running the following string in a command line:

yum install libc libcx libgcc1 libssp libstdc++6 libstdc++ libsupc++6 libsupc++ libgcc-fwd emxrt

Online documentation:

Following ones are the download links for manual installation:

OpenSSL v. 1.0.0t (runtime, 4/12/2015)
 hobbes.nmsu.edu/download/pub/os2/util/encrypt/openssl-1.0.0t-os2knix-20151204-runtime.zip
OpenSSL v. 1.0.0t (toolkit, 4/12/2015)
 hobbes.nmsu.edu/download/pub/os2/util/encrypt/openssl-1.0.0t-os2knix-20151204-dev.zip
OpenSSL v. 1.0.0s (toolkit, 12/6/2015) Readme/What's new
OpenSSL-1.0.0s development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0s-os2knix-20150612-dev.zip
OpenSSL v. 1.0.0s (runtime, 12/6/2015) Readme/What's new
OpenSSL-1.0.0s runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0s-os2knix-20150612-runtime.zip
OpenSSL v. 1.0.0r (toolkit, 20/3/2015) Readme/What's new
OpenSSL-1.0.0o development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0r-os2knix-20150320-dev.zip
OpenSSL v. 1.0.0r (runtime, 20/3/2015) Readme/What's new
OpenSSL-1.0.0o runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0r-os2knix-20150320-runtime.zip
OpenSSL v. 1.0.1k (11/1/2015) Readme/What's new
OpenSSL v1.0.1k for OS/2. Includes binaries and diff.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.1k-os2-20150111.zip
OpenSSL v. 1.0.0p (tookit, 9/1/2015) Readme/What's new
OpenSSL-1.0.0o development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0p-os2knix-20150109-dev.zip
OpenSSL v. 1.0.0p (runtime, 9/1/2015) Readme/What's new
OpenSSL-1.0.0o runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0p-os2knix-20150109-runtime.zip
OpenSSL v. 1.0.0o (toolkit, 16/10/2014) Readme/What's new
OpenSSL-1.0.0o development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0o-os2knix-20141016-dev.zip
OpenSSL v. 1.0.0o (runtime, 16/10/2014) Readme/What's new
OpenSSL-1.0.0o runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0o-os2knix-20141016-runtime.zip
OpenSSL v. 1.0.0n (toolkit, 7/8/2014) Readme/What's new
OpenSSL-1.0.0n development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0n-os2knix-20140807-dev.zip
OpenSSL v. 1.0.0n (runtime, 7/8/2014) Readme/What's new
OpenSSL-1.0.0n runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0n-os2knix-20140807-runtime.zip
OpenSSL v. 1.0.0m (6/6/2014) Readme/What's new
OpenSSL-1.0.0m 1.0.0l-fix2 development kit for OS2-EMX, including security fixes. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, EMX.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0m-os2emx-20140606.zip
OpenSSL v. 0.9.8za (emx, 6/6/2014) Readme/What's new
OpenSSL "experimental" toolkit for os2-emx (another port), os2-knix, v0.9.8za OS2-EMX (for genuine EMX).
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8za-os2emx-20140606.zip
OpenSSL v. 1.0.0m (toolkit, 6/6/2014) Readme/What's new
OpenSSL-1.0.0m development kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0m-os2knix-20140606-dev.zip
OpenSSL v. 0.9.8za (toolkit, 6/6/2014) Readme/What's new
OpenSSL "experimental" toolkit for os2-emx (another port), os2-knix, v0.9.8za OS2-KNIX development headers/libs (for kLIBC 0.6.3 or later).
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8za-os2knix-20140606-dev.zip
OpenSSL v. 0.9.8za (runtime, 6/6/2014) Readme/What's new
OpenSSL "experimental" toolkit for os2-emx (another port), os2-knix, v0.9.8za OS2-KNIX runtime EXE/DLLs (for kLIBC 0.6.3 or later).
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8za-os2knix-20140606-runtime.zip
OpenSSL v. 1.0.0m (runtime, 6/6/2014) Readme/What's new
OpenSSL-1.0.0m runtime kit for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0m-os2knix-20140606-runtime.zip
OpenSSL v. 1.0.0l (toolkit, fix 2, 14/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix2 development kit for OS2-KNIX (kLIBC), including security fixes: CVE-2010-5298, CVE-2014-0076 and CVE-2014-0198. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix2-os2knix-20140514-dev.zip
OpenSSL v. 1.0.0l (runtime, fix 2, 14/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix2 runtime kit for OS2-KNIX (kLIBC), including security fixes: CVE-2010-5298, CVE-2014-0076 and CVE-2014-0198. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix2-os2knix-20140514-runtime.zip
OpenSSL v. 1.0.0l (fix 2, 14/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix2 development kit for OS2-EMX, including security fixes: CVE-2010-5298, CVE-2014-0076 and CVE-2014-0198. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, EMX.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix2-os2emx-20140514.zip
OpenSSL v. 1.0.0l (fix 1, 11/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix1 development kit for OS2-EMX, including security fixes: CVE-2010-5298 and CVE-2014-0076. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, EMX.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix1-os2emx-20140511.zip
OpenSSL v. 1.0.0l (toolkit, fix 1, 11/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix1 development kit for OS2-KNIX (kLIBC), including security fixes: CVE-2010-5298 and CVE-2014-0076. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix1-os2knix-20140511-dev.zip
OpenSSL v. 1.0.0l (runtime, fix 1, 11/5/2014) Readme/What's new
OpenSSL-1.0.0l 1.0.0l-fix1 runtime kit for OS2-KNIX (kLIBC), including security fixes: CVE-2010-5298 and CVE-2014-0076. Requires OS/2 Warp V4 fix5 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 csd3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0l-fix1-os2knix-20140511-runtime.zip
OpenSSL v. 1.0.0k (7/2/2013) Readme/What's new
Experimental OpenSSL v1.0.0k OS2-EMX (for genuine EMX). OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0k-os2emx-20130207.zip
OpenSSL v. 1.0.0k (toolkit, 7/2/2013) Readme/What's new
Experimental OpenSSL v1.0.0k OS2-KNIX development headers/libs. OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0k-os2knix-20130207-dev.zip
OpenSSL v. 1.0.0k (runtime, 7/2/2013) Readme/What's new
Experimental OpenSSL v1.0.0k OS2-KNIX runtime. OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0k-os2knix-20130207-runtime.zip
OpenSSL v. 0.9.8y (toolkit, 6/2/2013) Readme/What's new
Experimental OpenSSL v0.9.8y OS2-KNIX development headers/libs (for kLIBC 0.6.3 or later). OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8y-os2knix-20130206-dev.zip
OpenSSL v. 0.9.8y (runtime, 6/2/2013) Readme/What's new
Experimental OpenSSL v0.9.8y OS2-KNIX runtime EXE/DLLs (for kLIBC 0.6.3 or later). OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8y-os2knix-20130206-runtime.zip
OpenSSL v. 0.9.8y (emx, 6/2/2013) Readme/What's new
Experimental OpenSSL v0.9.8y OS2-EMX (for genuine EMX). OpenSSL is an open-source implementation of the SSL and TLS protocols.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8y-os2emx-20130206.zip
OpenSSL v. 1.0.0e (runtime, 10/9/2011) Readme/What's new
OpenSSL-1.0.0e runtime kit (EXE/DLLs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0e-os2knix-20110910-runtime.zip
OpenSSL v. 1.0.0a (toolkit, 3/6/2010) Readme/What's new
OpenSSL-1.0.0a development kit (headers/libs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 or later, zlib (1.2.3 or later).
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0a-os2knix-20100603-dev.zip
OpenSSL v. 1.0.0a (runtime, 3/6/2010) Readme/What's new
OpenSSL-1.0.0a runtime kit (EXE/DLLs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3.
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0a-os2knix-20100603-runtime.zip
OpenSSL v. 0.9.8o (toolkit, 2/6/2010) Readme/What's new
OpenSSL-0.9.8o development kit (headers/libs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 or later, zlib (1.2.3 or later). Replaces openssl-0.9.8n-os2knix-20100325-dev.zip.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8o-os2knix-20100602-dev.zip
OpenSSL v. 0.9.8o (runtime, 2/6/2010) Readme/What's new
OpenSSL-0.9.8o runtime kit (EXE/DLLs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3. Replaces openssl-0.9.8n-os2knix-20100325-runtime.zip.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8o-os2knix-20100602-runtime.zip
OpenSSL v. 0.9.8n (toolkit, 27/3/2010) Readme/What's new
OpenSSL CHANGES _______________ Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never update s->server with a new major version number. As of - OpenSSL 0.9.8m if 'short' is a 16-bit type, - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload protection is active. (CVE-2010-0740) [Bodo Moeller, Adam Langley <agl@chromium.org>] *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted). [Tomas Hoger <thoger@redhat.com>]
 hobbes.nmsu.edu/download/pub/os2/util/encrypt/openssl-0.9.8n-os2knix-20100325-dev.zip
OpenSSL v. 0.9.8n (runtime, 27/3/2010) Readme/What's new
OpenSSL CHANGES _______________ Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never update s->server with a new major version number. As of - OpenSSL 0.9.8m if 'short' is a 16-bit type, - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload protection is active. (CVE-2010-0740) [Bodo Moeller, Adam Langley <agl@chromium.org>] *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted). [Tomas Hoger <thoger@redhat.com>]
 hobbes.nmsu.edu/download/pub/os2/util/encrypt/openssl-0.9.8n-os2knix-20100325-runtime.zip
OpenSSL v. 0.9.8m (28/2/2010) Readme/What's new
OpenSSL-0.9.8m emx version.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8m-os2emx-20100228.zip
OpenSSL v. 0.9.8m (toolkit, 28/2/2010) Readme/What's new
OpenSSL-0.9.8m development kit (headers/libs) for OS2-KNIX (kLIBC). Requires OS/2 Warp V4 or later, TCP/IP for OS/2, kLIBC 0.6.3, gcc 3.3.5 or later, zlib (1.2.3).
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8m-os2knix-20100228-dev.zip
OpenSSL v. 0.9.8m (runtime, 28/2/2010)
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8m-os2knix-20100228-runtime.zip
OpenSSL v. 1.0.0b3 (20/9/2009)
 www.os2site.com/sw/internet/openssl/old/openssl-1.0.0-beta3-os2.zip
OpenSSL v. 0.9.8j (klibc, 15/1/2009) Readme/What's new
OpenSSL v0.9.8j for OS/2 klibc/GCC 4.3.2 test version.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8j-klibc-gcc432-20090115.zip
OpenSSL v. 0.9.8j (emx, 15/1/2009)
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8j-os2emx-20090115.zip
OpenSSL v. 0.9.8i (18/9/2008) Readme/What's new
OpenSSL v0.9.8i for OS/2. For kLIBC (gcc 3.3.5 csd 3)
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8i-klibc-20080918.zip
OpenSSL v. 0.9.8h (klibc, 30/5/2008) Readme/What's new
OpenSSL v0.9.8h for kLIBC/gcc 3.3.5 csd 3.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8h-klibc-20080530.zip
OpenSSL v. 0.9.8h (emx, 30/5/2008) Readme/What's new
OpenSSL v0.9.8h emx build.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8h-os2emx-20080530.zip
OpenSSL v. 0.9.8g (22/10/2007) Readme/What's new
OpenSSL v0.9.8g emx build.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8g-os2emx-20071022.zip
OpenSSL v. 0.9.8f (13/10/2007) Readme/What's new
OpenSSL v0.9.8f emx build.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8f-os2emx-20071013.zip
OpenSSL v. 0.9.8e (18/4/2007) Readme/What's new
OpenSSL v0.9.8e for OS/2.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8e-os2-20070418.zip
OpenSSL v. 0.9.8d (29/9/2006) Readme/What's new
OpenSSL v0.9.8d for OS/2.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8d-os2-20060929.zip
OpenSSL v. 0.9.8c (7/9/2006) Readme/What's new
OpenSSL v0.9.8c for OS/2.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8c-os2-20060907.zip
OpenSSL v. 0.9.8b (17/5/2006) Readme/What's new
OpenSSL v0.9.8b for OS/2.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8b-os2-20060517.zip
OpenSSL v. 0.9.8a (13/11/2005) Readme/What's new
OpenSSL v0.9.8a for OS/2.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8a-os2-20051113.zip
OpenSSL v. 0.9.8 (3/8/2005) Readme/What's new
Yuri Dario's build of OpenSSL v0.9.8 including full source tree with static libraries and binaries built with GCC v3.3.5.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.8.zip
OpenSSL v. 0.9.7e (16/11/2004) Readme/What's new
Brian Havard's build of OpenSSL v0.9.7e.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.7e-cli-os2.zip
OpenSSL v. 0.9.7a (21/4/2003) Readme/What's new
This is openssl-0.9.7a for OS/2. with the patch against the Klima-Pokorny-Rosa attack on RSA in SSL/TLS applied. I compiled it on Warp4 with emx 0.9d using OS2-EMX.cmd from the original tar ball. The DLLs and EXE are compressed with LXLite. Put openssl in a directory in your PATH and the DLLs to a direcotory in your LIBPATH. Copy conf\openssl.cnf.demoCA to a directory of your choice and set the environement variable OPENSSL_CONF by putting SET OPENSSL_CONF=D:\MPTN\etc\ssl\openssl.cnf into CONFIG.SYS. If you want to compile your own programs and link them with the opensll put the files from include and lib to your emx directory. Note that openssl is a subdirectory of your include directory. If you need .lib files you can create them using emxomf. See the doc directory for some information and visit http://www.columbia.edu/~ariel/ssleay/ for more infos. Grab the full source at http://www.openssl.org/ There are many ways to make your own keys and certificates. A good solution is to use sslRexx. It provides everithing you need Here is a short desctription how I made my own Certification Authority, a Server Key for Apache and a client Key/Certificate for me, signed by my own CA. Root CA: The root CA is needed to sign all certificates ======= Generate a CA-Key and store it in sub-directory private: openssl genrsa -des3 -out private/MyOwnCA.pem 2048 Make a selfsigned certificate based on above key. openssl req -new -x509 -days 730 -key private/CAkey.pem -out CAcert.pem optional generate text output of this certificate: openssl x509 -in ./CAcert.pem -text > CAcert.txt Now you have a key and certificate for your own CA which can be used to sign user and server keys. The CAcert is also needed to configure Apache and Netscape. You can/should give away the CA certificate but never give the CA key to anybody. Make a Key and Certificate for the Apache Server ================================================ Generate a key -------------- openssl genrsa -des3 -out server-key.pem 2048 With this variant, you will be prompted for a protecting password. If you don't want your key to be protected by a password, remove the flag '-des3' from the command line above. NOTE: if you intend to use the key together with a server certificate, you may want to avoid protecting it with a password, since that would mean someone would have to type in the password every time the server needs to access the key. But then you should protect the server key in another way. Create a signing request ------------------------ openssl req -new -key server-key.pem -out server-req.pem Now send this request to your CA for signing. Since you are your own CA sign it: -------- openssl ca -in server-req.pem -out server-cert.pem -outdir MyOwnCA/newcerts Verify the certificate openssl verify -CAfile CAcert.pem server-cert.pem Now you have a key and a certificate for your Apache Webserver. Your Client Certificate/Key =========================== Generate a private key ---------------------- openssl genrsa -des3 -out hrom-key.pem 2048 Create a signing request ------------------------ openssl req -new -key hrom-key.pem -out hrom-req.pem Let the CA sign it ------------------ openssl ca -in hrom-req.pem -out hrom-cert.pem -outdir MyOwnCA/newcerts After you get back the certificate from the CA, combine it with your private key and store the result as p12 file. This file can be imported into your browser. openssl pkcs12 -export -name Hromadka -in hrom-cert.pem -inkey hrom-key.pem -out hrom.p12 Securtiy Notes: Never give your private key to a CA, they only need the signing request. Never give away your p12 file. Always secure your private keys with a passphrase. -- Johannes Hromadka Johannes.Hromadka@gmx.net 2003-03-02
 hobbes.nmsu.edu/download/pub/os2/util/encrypt/openssl-0.9.7a-os2-bin.zip
OpenSSL v. 0.9.7d (21/3/2003) Readme/What's new
Brian Havard's build of OpenSSL v0.9.7d.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.7d-cli-os2.zip
OpenSSL v. 0.9.6 (15/2/2001) Readme/What's new
If you need to build the OpenSSL library for yourself, EG you're porting an application that requires SSL or other cryptography functions provided by it, all you need to do is the following. Download the official OpenSSL source code from the OpenSSL web site Extract the source using tar xzf openssl-0.9.6.tar.gz Delete all the 0 length files in openssl-0.9.6\include\openssl that tar makes in place of symlinks Apply the patch openssl-emx.patch in the openssl-0.9.6 directory using a unix style patch program like gnupatch.zip and a command line like patch -p0 < openssl-emx.patch While still in the openssl-0.9.6 directory, run os2\emx.cmd to generate the makefiles. Note that this requires that you have a PERL interpreter installed. Run make -f emx.mak Once finished, you'll find the libraries, test programs & the openssl.exe command line application in the out2 directory. You may need to move the .a files up into the openssl-0.9.6 directory for other applications to find them for linking.
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.6.zip
OpenSSL v. 0.9.6 (build on OS2, 3/2/2001) Readme/What's new
a) Needed to fix SHELL= lines in all the daughter Makefile.ssl files. Run pfind -bak=-orig . "/^Makefile\.ssl$/" "=~ s/^(?=TOP\s*=)/SHELL=sh\n/" and manually remove SHELL=/bin/sh from toplevel Makefile.ssl. b) Add syslog.h to ./include; [I took it from ssh source of OS/2 port of 1.14] c) Run make -f Makefile.ssl. When the build of openssl.exe fails, put syslog.obj into the toplevel directory and run this: cp os2/sslcrypt.def-short sslcrypt.def cp os2/openssl.def-short openssl.def emxexp libcrypto.a >>sslcrypt.def emxexp libssl.a >>openssl.def emxomf libcrypto.a libssl.a emximp -o crypto.a sslcrypt.def emximp -o ssl.a openssl.def emximp -o crypto.lib sslcrypt.def emximp -o ssl.lib openssl.def gcc -Zmt -Zdll -Zomf -Zcrtdll -s -o sslcrypt.dll libcrypto.lib syslog.obj sslcrypt.def -lsocket gcc -Zmt -Zdll -Zomf -Zcrtdll -s -o openssl.dll libssl.lib openssl.def -lsocket crypto.lib make -f Makefile.ssl to build tests and apps. Alternatively, apply the patch in os2/patches/README and do as it is said there. Problems: 1) openssl reads in text mode (See os2/patches/README for details); 2) not enough randomness; 3) A lot of test files hardwire /bin/rm; not all corrected. Ilya
 www.os2site.com/sw/internet/openssl/old/openssl-0.9.6-build-on-os2.zip
Record updated last time on: 01/06/2018 - 06:07

GTranslate

English Dutch French German Korean Russian Swedish

Add new comment