Withers John Z via RT wrote:
To whom it may concern,
I have built OpenSSL 1.0.1s for 64-bit and 32-bit version of RHEL5.11. The
reasons for this are long and involve my employer, so I would detail them in
this message.
I successfully built and deployed to a 64-bit RHEL 5.11 server (using a local
installation path) and was able to configure the issuer certificate cache for
my applications. I built a separate package for 32-bit RHEL 5.11 (again, using
a local installation path). After installation, I observed that the -hash
option of the openssl command (and hence the c_rehash utility) computed
incorrect subject hashes for the issuer certificates in the cache. Identical
certificates from the 64-bit installation were installed but the hash values
were different. Tracing the operation of the s_client module with strace
indicated that the hash values computed internally matched the hash values
produced on the 64-bit system. I replicated the symbolic links for the issuer
certificates from the 64-bit system to the 32-bit system and the certificates
presented by the remote server for my application were verified.
FWIW: I've downloaded and built openssl-1.0.1s on my EL 5.11 box in both
32bit and 64bit mode (I needed to hack ./Configure for that, BTW). The
resulting
openssl x509 -hash
command prints out the exact same hash for both the 32bit and 64bit
versions.
HTH,
JJK / Jan Just Keijser
Nikhef
Amsterdam
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
