tech stuff.

x509 hash changes in Ubuntu Oneiric

leave a comment »

Did your commands with custom -CApath stop working after upgrading to Oneiric? Mine did. It turns out Oneiric introduced a change (via OpenSSL 1.0.0, maybe?) that changed the subject hash algorithm used to index certificates in a -CApath directory. Look for a handy code snippet after the jump.

for cert in *.crt; do
hash=$(openssl x509 -in $cert -noout -hash)
test -f $hash.0 || ln -s $cert $hash.0

Written by Lee Verberne

2011-11-10 at 17:27

Posted in Linux

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: