For the last option, I have a hack
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
index 4497cbd..d76e693 100644
--- a/tools/c_rehash.in
+++ b/tools/c_rehash.in
@@ -59,12 +59,15 @@ sub hash_dir {
}
}
closedir DIR;
- FILE: foreach $fname (grep {/\.pem$/} @flist) {
+ FILE: foreach $fname (grep {/\.pem$|\.crt$/} @flist) {
# Check to see if certificates and/or CRLs present.
my ($cert, $crl) = check_file($fname);
if(!$cert && !$crl) {
- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
- next;
+ ($cert, $crl) = check_file("$openssl x509 -in \"$fname\" -inform der -outform pem | ");
+ if(!$cert && !$crl) {
+ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+ next;
+ }
}
link_hash_cert($fname) if($cert);
link_hash_crl($fname) if($crl);
@@ -102,6 +105,9 @@ sub link_hash_cert {
my $fname = $_[0];
$fname =~ s/'/'\\''/g;
my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
+ if(!$hash || !fprint) {
+ ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname' -inform der`;
+ }
chomp $hash;
chomp $fprint;
$fprint =~ s/^.*=//;
