Hashing the certificate authority file

From cosign wiki

Jump to: navigation, search

Certificate authority certs are used by the filters to verify the identity of the weblogin server. OpenSSL looks up a hash value associated with the CA file and uses is to do said verification.

[edit] Unix and Unix-like systems 

c_rehash .

or 

for cert in *.pem; do ln -s $cert `openssl x509 -in $cert -noout -hash`.0; done

[edit] Windows

From a command prompt, run: 

openssl x509 -noout -hash -in \path\to\CAfileexample.pem

A hash value is displayed. Copy-and-paste the contents of the CAfileexample.pem file into a file called [hash value].0.

In your cosign.dll.config file have <CAFilePath> point to the folder where the hash is located. (Whereas pre-1.1.1 it would point directly to the file).

Retrieved from "http://webservices.itcs.umich.edu/mediawiki/cosign/index.php/Hashing_the_certificate_authority_file"
Personal tools