x509 hash changes in Ubuntu Oneiric

Did your commands with custom -CApath stop working after upgrading to Oneiric? Mine did. It turns out Oneiric introduced a change (via OpenSSL 1.0.0, maybe?) that changed the subject hash algorithm used to index certificates in a -CApath directory. Look for a handy code snippet after the jump.

for cert in *.crt; do hash=$(openssl x509 -in $cert -noout -hash) test -f $hash.0 || ln -s $cert $hash.0 done

Written by Lee Verberne

2011-11-10 at 17:27

Posted in Linux

Leave a Reply Cancel reply

Enter your comment here...

Please log in using one of these methods to post your comment:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

tech stuff.