Why would different versions of openssl produce different hashed filenames for the same root cert?

windows ssl openssl solaris

OpenSSL - Solaris - Windows

When I run c_rehash (OpenSSL 0.9.x in Solaris) and c_rehash (OpenSSL 1.1.x in Windows), the same exact cert.pem file gets converted to a .0 file with a completely different filename.

(Windows) cert.pem => 4e12356.0

(Solaris) cert.pem => 3e121e8.0

Why is this? Shouldn't the hash be the exact same regardless of which version of OpenSSL I'm using?


The hash used for these names changed when moving to OpenSSL 1.0. You can revert to the old behaviour using -subject_hash_old. See the documentation:

-hash

synonym for ``-subject_hash'' for backward compatibility reasons.

-subject_hash_old

outputs the ``hash'' of the certificate subject name using the older algorithm as used by OpenSSL versions before 1.0.0.

There's more background information in this message. Essentially, the hash algorithm changed from MD5 to SHA-1.

Related

VMware ESXi CentOS 6.4 kickstart installation
Mirror/Cache Websites on a Mobile Server
How to turn off all tomcat log rotation
Unable to SSH onto GCE VM after reboot
Ansible: Share inventory variable between groups
How do I stop Windows 10 Install from modifying BIOS boot settings?
Can I convert a raid10 array to raid0?
.\postgres looses "Log on as a service" after reboot; PostgreSQL service does not start
Why is there a socket interface on the host and a character device interface on the guest for virtio-serial?
Looking for server monitoring app... nothing fancy.. for Windows [duplicate]
Error "There are currently no logon servers available to service the logon request"
Windows 2016 Server on site domain join with Azure AD