> > > 2) Serial-number and entry in index.txt for self-signed-certs
> > >
> > > I have realized that a root-cert that was generates via req -x509...
> > > always gets the serial-number "00". I think this could lead to some
> > > trouble if you want to renew the root-cert (for whatever reason) with
On Fri, May 07, 1999 at 02:04:25PM +, Michael Ströder wrote:
> Hmm, but most times the client does not have OpenSSL to calculate that.
> Most times you have Netscape Communicator or something like this on the
> requester's side. I think PKIX proposes to send a master secret to the
> request
Lars Weber wrote:
>
> I have some (late) suggestions for the next OpenSSL-Release:
>
> 1) Fingerprint for requests
>
> This should calculate a unique fingerprint for the request and would
> make it possible to identify a request via this hash. I think this
> would be ve
On Fri, May 07, 1999 at 12:28:33AM +0200, Massimiliano Pala wrote:
> > 1) Fingerprint for requests
> >
> > It would be nice to see an option "fingerprint" for the "req" application,
> > like in the "x509" application.
> >
> > For example:
> >
> > openssl req -fingerprint -in req.pem
> >
> >
Lars Weber wrote:
>
> Hello everybody !
>
> I have some (late) suggestions for the next OpenSSL-Release:
>
> 1) Fingerprint for requests
>
> It would be nice to see an option "fingerprint" for the "req" application,
> like in the "x50
Lars Weber wrote:
>
>
> 3) Strange behavior if "serial" is set to "00"
>
> If someone puts the value "00" in serial instead of "01", that will
> cause some funny things after issuing the first cert. The
> "serial"-file contains "5C5C5C5D" and the serial-number of the new
> certs is set to "0".
Hello everybody !
I have some (late) suggestions for the next OpenSSL-Release:
1) Fingerprint for requests
It would be nice to see an option "fingerprint" for the "req" application,
like in the "x509" application.
For example:
openssl req -fingerprint -in
