Damn! Thanks! I was looking at openssl req (because openssl x509 or
something similar does print a fingerprint).
With that, I can fix things...
Thanks again,
Andrew
At 08:50 AM 8/25/01 +0200, you wrote:
>On Sat, Aug 25, 2001 at 07:41:08AM +0100, Andrew Cooke wrote:
> > How does she create t
On Sat, Aug 25, 2001 at 07:41:08AM +0100, Andrew Cooke wrote:
> How does she create the fingerprint? - I looked and could not find a way to
> do it with openssl (only fingerprints for certificates seem to be supported).
openssl md5 filename
(or openssl sha1 fingerprint)
Best regards,
Lu
At 10:03 PM 8/24/01 +0200, you wrote:
>On Fri, Aug 24, 2001 at 05:28:43PM +0100, Andrew Cooke wrote:
> > What I should have asked is how to detect a *substitute* request. It will
> > be self-consistent, but will not match the correct private key.
> >
> > One solution is to show that the certifica
On Fri, Aug 24, 2001 at 05:28:43PM +0100, Andrew Cooke wrote:
> What I should have asked is how to detect a *substitute* request. It will
> be self-consistent, but will not match the correct private key.
>
> One solution is to show that the certificate and private key are consistent
> after si
At 05:28 PM 8/24/01 +0100, you wrote:
>At 05:17 PM 8/24/01 +0200, you wrote:
>> Just verify the signature of request with : openssl -req -verify -in
>>requestfile
>
>Thank-you, but I made a mistake asking the question.
I was supposed to say Sorry too, at that point!
_
At 05:17 PM 8/24/01 +0200, you wrote:
> Just verify the signature of request with : openssl -req -verify -in
>requestfile
Thank-you, but I made a mistake asking the question.
What you are suggesting will detect a modified request (which is what I
wrote), but not someone substituting a diffe
