[openssl-users] Why is this OCSP response reporting a hash using SHA1?

Dr. Stephen Henson steve at openssl.org
Sat Sep 9 02:08:00 UTC 2017


On Fri, Sep 08, 2017, Robert Moskowitz wrote:

> I am using the test responder:
> 
>    openssl ocsp -port 2560 -text -rmd sha256\
>          -index index.txt \
>          -CA certs/ca-chain.cert.pem \
>          -rkey private/$ocspurl.key.pem \
>          -rsigner certs/$ocspurl.cert.pem \
>          -nrequest 1
> 
> 
> What is the SHA1 hash report about?  It comes right after the line:
> Certificate ID:
> 
>     Certificate ID:
>       Hash Algorithm: sha1
>       Issuer Name Hash: CA1F5832FA387F0127D8E0583F7331D1B903DBF0
>       Issuer Key Hash: A3278D00B053BF259193A4833E669C451DAD36E0
>       Serial Number: 762900CAB55A4762

It's the hash algorithm used to hash the issuer name and key to identify them.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


More information about the openssl-users mailing list