pointed out by Giannis Tsaraias.
This is a tiny (less than 200 lines) auditable script that can handle
issue and renew of Let's Encrypt certificates, using calls to openssl(1)
to handle key operations.
This package provides efficient cryptographic hash implementations
for strict and lazy bytestrings. For now, CRC32 and Adler32 are
supported; they are implemented as FFI bindings to efficient code
from zlib.
ok sthen@
This library implements the SHA suite of message digest functions,
according to NIST FIPS 180-2 (with the SHA-224 addendum), as well
as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various
functions. While some attention has been paid to performance, these
do not presently reach the speed of well-tuned libraries, like
OpenSSL.
ok kili@
suffers from a number of problems:
- problems with certificate revocation as reported by James Boyle
- only offers old/broken hashes
- passes config vars in the environment to openssl(1), which is
not supported by libressl
- warnings with current versions of perl
If you're looking for a gui tool for a private CA, you might like to try
the xca package instead. (For a non-gui toolkit, cloudflare's cfssl might
be of interest; it's not in ports though).
the annoying dialog(1) one.
Set appropriate webroot-path in comment and draw attention to the possibility
that you might have configured the webserver not to server .dotfiles.
in the distribution tar file.
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13)
- Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27)
- X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9)
(plus the advisory mentions an issue fixed in 1.0.2d)
