Here are the text outputs of the certs:
1) app server cert (not the new server)
Data:
Version: 3 (0x2)
Serial Number: 242 (0xf2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=Texas, O=QBI, OU=Information Technology, CN=QB Root
CA
Validity
Not Before: Feb 27 22:35:58 2013 GMT
Not After : Feb 27 22:35:58 2023 GMT
Subject: C=US, ST=Texas, L=Fort Worth, O=QBI, OU=Information
Technology, CN=app1.qb.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:a7:22:75:61:e6:91:80:e8:35:96:09:98:20:e7:
.
.
.
17:e6:c8:53:df:87:f5:93:ce:22:39:3d:af:5c:c6:
9c:bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
24:..<redacted>..:B4
X509v3 Authority Key Identifier:
keyid:25:..<redacted>..:9C
Signature Algorithm: sha1WithRSAEncryption
61:51:3f:5a:b9:ce:af:ab:69:14:c8:88:80:e3:8f:3a:e2:0b:
.
.
.
25:ab:85:16:62:3c:ee:00:80:13:50:47:e5:9b:0d:b4:bf:17:
88:f4
2) Here is our CA cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15219766957112807379 (0xd3377968e2efcfd3)
Signature Algorithm: sha512WithRSAEncryption
Issuer: C=US, ST=Texas, L=Fort Worth, O=QMG LLC, OU=Certificate
Authority, CN=ca.qb.com/emailAddress=i...@qb.com
Validity
Not Before: Mar 21 16:13:02 2013 GMT
Not After : Mar 16 16:13:02 2033 GMT
Subject: C=US, ST=Texas, L=Fort Worth, O=QMG LLC, OU=Certificate
Authority, CN=ca.qb.com/emailAddress=i...@qb.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:a7:86:bd:48:da:44:2a:35:4e:2c:56:c2:e2:d6:
.
.
.
4f:80:7d:8f:9e:0f:e2:23:be:67:48:1d:1a:d3:a2:
3a:1d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
25:<...redacted...>:8A
X509v3 Authority Key Identifier:
keyid:25:<...redacted...>:8A
DirName:/C=US/ST=Texas/L=Fort Worth/O=QMG LLC/OU=Certificate
Authority/CN=ca.qb.com/emailAddress=i...@qb.com
serial:D3:37:79:68:E2:EF:CF:D3
X509v3 Subject Alternative Name:
email:i...@qb.com
X509v3 Issuer Alternative Name:
email:i...@qb.com
Netscape Cert Type:
SSL CA, S/MIME CA, Object Signing CA
Netscape Comment:
QMG LLC Internal Certification Authority Certificate
Netscape CA Revocation Url:
http://www.qb.com/ca/cacrl.crl
Netscape Revocation Url:
http://www.qb.com/ca/cacrl.crl
Signature Algorithm: sha512WithRSAEncryption
6f:22:96:de:3f:f2:49:81:c6:53:8a:9c:82:58:87:2b:cb:0b:
.
.
.
21:cc:8f:af:c6:81:eb:23
3) Here is the new cert we are trying to introduce (sales.1d.qb.com)
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=Texas, L=Fort Worth, O=QMG LLC, OU=Certificate
Authority, CN=ca.qb.com/emailAddress=i...@qb.com
Validity
Not Before: Apr 28 22:46:57 2014 GMT
Not After : Apr 25 22:46:57 2024 GMT
Subject: C=US, ST=Texas, L=Fort Worth, O=QMG, OU=IT,
CN=sales.1d.qb.com/emailAddress=doma...@qb.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:b5:18:6c:2d:b0:fa:be:92:f8:eb:57:90:fe:e3:
.
.
.
89:5a:77:79:ee:23:b0:27:28:43:8d:18:76:51:3f:
36:d2:d3
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
78:04:4f:50:98:7e:fb:b7:0a:bc:41:34:45:d5:82:c8:40:28:
.
.
.
cf:99:56:4b:ea:3b:31:03
--
View this message in context:
http://openssl.6102.n7.nabble.com/whichever-certificate-loading-first-wins-tp49869p49894.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
