Hi All: As I know, When calculate Public key in certificate, it's SHA1 value is equal to Subject Key Identifier in certificate, and I verify this, and found that some websites are follow this.
But when I go to www.google.com website, I find the leaf certificate and intermediate certificate is ok, but root CA certificate (GeoTrust Global CA) is not. For Geo Trust Global CA certificate. Public key: 30 82 01 0a 02 82 01 01 00 da cc 18 63 30 fd f4 17 23 1a 56 7e 5b df 3c 6c 38 e4 71 b7 78 91 d4 bc a1 d8 4c f8 a8 43 b6 03 e9 4d 21 07 08 88 da 58 2f 66 39 29 bd 05 78 8b 9d 38 e8 05 b7 6a 7e 71 a4 e6 c4 60 a6 b0 ef 80 e4 89 28 0f 9e 25 d6 ed 83 f3 ad a6 91 c7 98 c9 42 18 35 14 9d ad 98 46 92 2e 4f ca f1 87 43 c1 16 95 57 2d 50 ef 89 2d 80 7a 57 ad f2 ee 5f 6b d2 00 8d b9 14 f8 14 15 35 d9 c0 46 a3 7b 72 c8 91 bf c9 55 2b cd d0 97 3e 9c 26 64 cc df ce 83 19 71 ca 4e e6 d4 d5 7b a9 19 cd 55 de c8 ec d2 5e 38 53 e5 5c 4f 8c 2d fe 50 23 36 fc 66 e6 cb 8e a4 39 19 00 b7 95 02 39 91 0b 0e fe 38 2e d1 1d 05 9a f6 4d 3e 6f 0f 07 1d af 2c 1e 8f 60 39 e2 fa 36 53 13 39 d4 5e 26 2b db 3d a8 14 bd 32 eb 18 03 28 52 04 71 e5 ab 33 3d e1 38 bb 07 36 84 62 9c 79 ea 16 30 f4 5f c0 2b e8 71 6b e4 f9 02 03 01 00 01 Public Key SHA1: 00:f9:2a:c3:41:91:b6:c9:c2:b8:3e:55:f2:c0:97:11:13:a0:07:20 Subject Key Identifier: c0 7a 98 68 8d 89 fb ab 05 64 0c 11 7d aa 7d 65 b8 ca cc 4e As you can above, Public Key SHA1 is not same as Subject Key Identifier. What' wrong about this? Thanks a lot! -- Rejoice,I Desire! ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
