Per this web page the hash algorithm did change if I understand your question correctly.
http://www.openssl.org/docs/apps/x509.html I think c_rehash uses -subject_hash as the option. These options allow you to use the old hash from the command line. Don't know how to get c_rehash to do this. *-subject_hash_old* outputs the ``hash'' of the certificate subject name using the older algorithm as used by OpenSSL versions before 1.0.0. *-issuer_hash_old* outputs the ``hash'' of the certificate issuer name using the older algorithm as used by OpenSSL versions before 1.0.0. On Mon, May 20, 2013 at 4:42 PM, Khadija Amin (khamin) <kha...@cisco.com>wrote: > > Re-trying.. > From: Microsoft Office User <kha...@cisco.com> > Date: Mon, 13 May 2013 23:34:56 -0700 > To: <openssl-users@openssl.org> > Subject: Question regarding openssl program to compute the hashes and > finger-prints. > > Hello All , > > I have a question regarding c_rehash utility used to create symbolic > links to files named by the hash values. > I understand that c_rehash calls openssl to compute the hash by invoking > the following command : > > $OPENSSL x509 -hash -fingerprint -noout -in $file > > What I noticed, recent openssl versions(1.0) are producing hash that is > different from the earlier openssl versions (0.9.8u). Has the hash > algorithm that the above command uses has changed ? (for e.g : from md5 to > sha1??). Is it possible to specify the hash algorithm explictly in the > above command so that I can have both versions of openssl create the same > .0 file ? > > Any pointers are greatly appreciated as this is affecting back > compatibility of my application. > > Thank you. > Khadija >
