Carla Coutinho wrote: > I'm trying to generate an OCSP request containing Issuer Name Hash and > Issuer Key Hash calculated with hashing algorithm SHA256. > I've already instaled OpenSSL 1.0.0, which has the option '-sha256', but > that doesn't seem to be working (the Hash Algorithm is always SHA1).
AFAIK RFC 2560 only defines SHA-1 as mandantory to implement for OCSP. What you're probably looking for is an implementation of https://datatracker.ietf.org/doc/draft-ietf-pkix-ocspagility/ or at least it gives you an idea of interop issues when not using SHA-1. Ciao, Michael. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org