[openssl-dev] [openssl.org #4529] Output of -hash option incompatible 64-bit Linux vs 32-bit Linux
Withers John Z via RT
rt at openssl.org
Mon May 2 19:00:03 UTC 2016
To whom it may concern,
I have built OpenSSL 1.0.1s for 64-bit and 32-bit version of RHEL5.11. The reasons for this are long and involve my employer, so I would detail them in this message.
I successfully built and deployed to a 64-bit RHEL 5.11 server (using a local installation path) and was able to configure the issuer certificate cache for my applications. I built a separate package for 32-bit RHEL 5.11 (again, using a local installation path). After installation, I observed that the -hash option of the openssl command (and hence the c_rehash utility) computed incorrect subject hashes for the issuer certificates in the cache. Identical certificates from the 64-bit installation were installed but the hash values were different. Tracing the operation of the s_client module with strace indicated that the hash values computed internally matched the hash values produced on the 64-bit system. I replicated the symbolic links for the issuer certificates from the 64-bit system to the 32-bit system and the certificates presented by the remote server for my application were verified.
Thanks!
John Withers
Enterprise Operations
Directory Services Branch - OS:CTO:EO:ISD:DSB:PKI
Champaign, Illinois
Phone: (217) 974-7736
"A positive attitude may not solve all of your problems, but it will annoy enough people to make it worth the effort"
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4529
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list