[Info-vax] CA Cert database...
BillPedersen
pedersen at ccsscorp.com
Wed Jul 3 14:26:00 EDT 2019
On Wednesday, July 3, 2019 at 1:09:42 PM UTC-4, Stephen Hoffman wrote:
> On 2019-07-03 15:10:32 +0000, Grant Taylor said:
>
> > On 7/3/19 7:43 AM, Dennis Boone wrote:
> >> I.e. run `openssl x509 -hash -noout -in something.crt` and make a
> >> symlink (or copy) of the cert file named with the resulting string,
> >> appending ".0".
> >
> > I get the reason for the hash, but does anyone know the reason for the
> > .0 suffix? Is there a provision to allow multiple versions with other
> > suffixes?
>
> It's a provision for what are effectively hash collisions. Calculate
> the hash for the arriving certificate, then look for the hash.0 file,
> and check its contents. If the contents don't match, look for hash.1
> file. Repeat. If no file and no match is found, punt.
>
>
> --
> Pure Personal Opinion | HoffmanLabs LLC
Thanks, everyone! Current moving forward!
Best,
Bill.
More information about the Info-vax
mailing list