On Wed, May 16, 2012, Jan Danielsson wrote:
> Hello,
>
> When creating hash named certificate files for CA's and such
> ("openssl x509 -hash -in ca.crt -inform der -noout"), is the
> algorithm/seed standardized in SSL in any way?
>
No it's an OpenSSL specific thing which is just used as a quick way to find a
certificate with a given subject name.
If you need some kind of unique certificate identifier the -fingerprint option
is more useful. That's just the hash of the DER encoding of the certificate.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
