On Thu, Dec 17, 2009 at 09:30:57AM +0530, tushar ganguli wrote: > Hi, > I have been trying to generate the value of the subject key identifier but > am getting conflicting results: > > RFC5280 section 4.2.1.2 > <http://tools.ietf.org/html/rfc5280#section-4.2.1.2>states that the > subject key id is the sha1 hash of the public key. > But when I do the following I get different results: > > 1. openssl rsa -pubout -in my.key.pem | openssl sha1 -c > Result: b0:83:be:ad:72:af:fd:25:ef:4b:dc:b2:b0:26:9c:54:24:de:13:c2
This calculates the sha1 hash of the PEM formatted file containing the public key. > 2. openssl x509 -inform der -in my.cer -text > Result: C5:C1:98:9F:22:2E:13:25:31:E7:15:7C:2F:E2:C9:9D:45:94:56:D7 This is the sha1 hash of the public key itself. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org