-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hou, LiangX schrieb: | Hi, Steve, | I used "openssl dgst -sha1". Is there anything wrong with my code? | Is it right to get certificate object by using "X509 *cert = ctx->cert;" in this case?
openssl dgst -sha ... reads the data in the file and generates a fingerprint on it. Assuming the certificate is stored as PEM, you calculate the fingerprint of the text in the file. The fingerprint you get with X509_digest() is the fingerprint of the certificate, not it's text representation. The command line to get the fingerprint for a certificate is openssl x509 -fingerprint -sha1 -noout -in <filename.pem> Bye Goetz - -- DMCA: The greed of the few outweights the freedom of the many -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHj7Q+2iGqZUF3qPYRAtBqAJ9u7xKYCprgEw+1HvYKIZmEiebpcQCdEnEP HTn8N4ovjZCXPdjmXykMR0Y= =vipC -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
