openssl hash value - how to generate ?
Salz, Rich
rsalz at akamai.com
Tue Jul 30 17:12:44 UTC 2019
> At the bottom of the man page for x509 it states the following:
The hash algorithm used in the -subject_hash and -issuer_hash options before OpenSSL 1.0.0 was based on the deprecated MD5
algorithm and the encoding of the distinguished name. In OpenSSL 1.0.0 and later it is based on a canonical version of the DN
using SHA1.
The text isn't great. In both cases the printed form is not what is used. Instead, by "canonical form" is meant the X.509 ASN1/DER encoding.
Your guess -- "I think I'm using a different string" -- is correct.
More information about the openssl-users
mailing list