[Pkg-openssl-devel] Bug#481944: Bug Not Found -- Fixed Upstream
Scott Schaefer
saschaefer at neurodiverse.org
Mon May 2 23:22:41 UTC 2011
Both of these have been added to the man page in the upstream release...
- hash now states it is an alias for -subject-hash
HISTORY section now contains note re old/new has algorithms ....
Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
The hash algorithm used in the -subject_hash and -issuer_hash options
before OpenSSL 1.0.0 was based on the
deprecated MD5 algorithm and the encoding of the distinguished name.
In OpenSSL 1.0.0 and later it is based on
a canonical version of the DN using SHA1. This means that any
directories using the old form must have their
links rebuilt using c_rehash or similar.
I recommend this bug be closed.
More information about the Pkg-openssl-devel
mailing list