Problems in creating certificate with SHA256 / SHA512Create X509 certificate with v3 extensions using command line toolsWant a sha256 ssl cert,but i get sha1,why?Openssl: Unable to download certificate with altered portDownload and verify certificate chainCreate self-signed certificate with end-date in the pastCreating a *.local ssl certificateSigning certificate request with certificate authority created in opensslWhat's wrong with my SSL certificate?Self-Signed Certificate with CRL DP? Is this even possible?Error using openssl with socat - SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small
How to make payment on the internet without leaving a money trail?
Why was the "bread communication" in the arena of Catching Fire left out in the movie?
Lied on resume at previous job
How to create a consistent feel for character names in a fantasy setting?
How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?
Unbreakable Formation vs. Cry of the Carnarium
Is a car considered movable or immovable property?
Is "plugging out" electronic devices an American expression?
What is the offset in a seaplane's hull?
Is it legal to have the "// (c) 2019 John Smith" header in all files when there are hundreds of contributors?
Why do UK politicians seemingly ignore opinion polls on Brexit?
Landlord wants to switch my lease to a "Land contract" to "get back at the city"
Patience, young "Padovan"
Prime joint compound before latex paint?
Is domain driven design an anti-SQL pattern?
OA final episode explanation
Latin words with no plurals in English
Add an angle to a sphere
Symmetry in quantum mechanics
Where to refill my bottle in India?
Why did the Germans forbid the possession of pet pigeons in Rostov-on-Don in 1941?
Piano - What is the notation for a double stop where both notes in the double stop are different lengths?
How is it possible for user's password to be changed after storage was encrypted? (on OS X, Android)
Crop image to path created in TikZ?
Problems in creating certificate with SHA256 / SHA512
Create X509 certificate with v3 extensions using command line toolsWant a sha256 ssl cert,but i get sha1,why?Openssl: Unable to download certificate with altered portDownload and verify certificate chainCreate self-signed certificate with end-date in the pastCreating a *.local ssl certificateSigning certificate request with certificate authority created in opensslWhat's wrong with my SSL certificate?Self-Signed Certificate with CRL DP? Is this even possible?Error using openssl with socat - SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I want to generate a self-signed certificate with SHA256 or SHA512, but I have problems with it. I have created a script, which should does this automatically:
#!/bin/bash
set -e
echo "WORKSPACE: $WORKSPACE"
SSL_DIR=$(pwd)/httpd_ssl_certs
OPENSSL_CNF=$(pwd)/openssl.cnf
if [ -d "$SSL_DIR" ]; then
rm -rvf "$SSL_DIR"
fi
mkdir -vp "$SSL_DIR"
pushd "$SSL_DIR"
# check if openssl.cnf exists
if [ ! -f "$OPENSSL_CNF" ]; then
echo "Could not find $OPENSSL_CNF. Build will be exited."
exit 1
fi
echo " - create private key"
openssl genrsa -out server.key.template 2048
echo " - create signing request"
openssl req -nodes -new -sha256 -config $OPENSSL_CNF -key server.key.template -out server.csr.template
echo " - create certificate"
openssl x509 -req -in server.csr.template -signkey server.key.template -out server.crt.template -extfile $OPENSSL_CNF
And I have a openssl.cnf file with configuration for it:
[ ca ]
default_ca = CA_default
[ CA_default ]
# how long to certify
default_days = 365
# how long before next CRL
default_crl_days = 30
# use public key default MD
default_md = sha256
# keep passed DN ordering
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional
[ req ]
default_bits = 2048
default_keyfile = server.key.template
distinguished_name = req_distinguished_name
prompt = no
encrypt_key = no
# add default_md to [ req ] for creating certificates with SHA256
default_md = sha256
[ req_distinguished_name ]
countryName = "AB"
stateOrProvinceName = "CD"
localityName = "Some town"
organizationName = "XXX Y"
organizationalUnitName = "XXX Y"
commonName = "localhost"
emailAddress = "somemail@some.org"
When I run the script with this openssl.cnf, then I get a certifiacte, but this certificate is always encrypted with SHA1. I checked it with this command: openssl x509 -in server.crt.template -text -noout | grep 'Signature. I always get this output:
Signature Algorithm: sha1WithRSAEncryption
Signature Algorithm: sha1WithRSAEncryption
Can someone give me a hint, whats false there?
openssl certificates hashsum
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
add a comment |
I want to generate a self-signed certificate with SHA256 or SHA512, but I have problems with it. I have created a script, which should does this automatically:
#!/bin/bash
set -e
echo "WORKSPACE: $WORKSPACE"
SSL_DIR=$(pwd)/httpd_ssl_certs
OPENSSL_CNF=$(pwd)/openssl.cnf
if [ -d "$SSL_DIR" ]; then
rm -rvf "$SSL_DIR"
fi
mkdir -vp "$SSL_DIR"
pushd "$SSL_DIR"
# check if openssl.cnf exists
if [ ! -f "$OPENSSL_CNF" ]; then
echo "Could not find $OPENSSL_CNF. Build will be exited."
exit 1
fi
echo " - create private key"
openssl genrsa -out server.key.template 2048
echo " - create signing request"
openssl req -nodes -new -sha256 -config $OPENSSL_CNF -key server.key.template -out server.csr.template
echo " - create certificate"
openssl x509 -req -in server.csr.template -signkey server.key.template -out server.crt.template -extfile $OPENSSL_CNF
And I have a openssl.cnf file with configuration for it:
[ ca ]
default_ca = CA_default
[ CA_default ]
# how long to certify
default_days = 365
# how long before next CRL
default_crl_days = 30
# use public key default MD
default_md = sha256
# keep passed DN ordering
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional
[ req ]
default_bits = 2048
default_keyfile = server.key.template
distinguished_name = req_distinguished_name
prompt = no
encrypt_key = no
# add default_md to [ req ] for creating certificates with SHA256
default_md = sha256
[ req_distinguished_name ]
countryName = "AB"
stateOrProvinceName = "CD"
localityName = "Some town"
organizationName = "XXX Y"
organizationalUnitName = "XXX Y"
commonName = "localhost"
emailAddress = "somemail@some.org"
When I run the script with this openssl.cnf, then I get a certifiacte, but this certificate is always encrypted with SHA1. I checked it with this command: openssl x509 -in server.crt.template -text -noout | grep 'Signature. I always get this output:
Signature Algorithm: sha1WithRSAEncryption
Signature Algorithm: sha1WithRSAEncryption
Can someone give me a hint, whats false there?
openssl certificates hashsum
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16
add a comment |
I want to generate a self-signed certificate with SHA256 or SHA512, but I have problems with it. I have created a script, which should does this automatically:
#!/bin/bash
set -e
echo "WORKSPACE: $WORKSPACE"
SSL_DIR=$(pwd)/httpd_ssl_certs
OPENSSL_CNF=$(pwd)/openssl.cnf
if [ -d "$SSL_DIR" ]; then
rm -rvf "$SSL_DIR"
fi
mkdir -vp "$SSL_DIR"
pushd "$SSL_DIR"
# check if openssl.cnf exists
if [ ! -f "$OPENSSL_CNF" ]; then
echo "Could not find $OPENSSL_CNF. Build will be exited."
exit 1
fi
echo " - create private key"
openssl genrsa -out server.key.template 2048
echo " - create signing request"
openssl req -nodes -new -sha256 -config $OPENSSL_CNF -key server.key.template -out server.csr.template
echo " - create certificate"
openssl x509 -req -in server.csr.template -signkey server.key.template -out server.crt.template -extfile $OPENSSL_CNF
And I have a openssl.cnf file with configuration for it:
[ ca ]
default_ca = CA_default
[ CA_default ]
# how long to certify
default_days = 365
# how long before next CRL
default_crl_days = 30
# use public key default MD
default_md = sha256
# keep passed DN ordering
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional
[ req ]
default_bits = 2048
default_keyfile = server.key.template
distinguished_name = req_distinguished_name
prompt = no
encrypt_key = no
# add default_md to [ req ] for creating certificates with SHA256
default_md = sha256
[ req_distinguished_name ]
countryName = "AB"
stateOrProvinceName = "CD"
localityName = "Some town"
organizationName = "XXX Y"
organizationalUnitName = "XXX Y"
commonName = "localhost"
emailAddress = "somemail@some.org"
When I run the script with this openssl.cnf, then I get a certifiacte, but this certificate is always encrypted with SHA1. I checked it with this command: openssl x509 -in server.crt.template -text -noout | grep 'Signature. I always get this output:
Signature Algorithm: sha1WithRSAEncryption
Signature Algorithm: sha1WithRSAEncryption
Can someone give me a hint, whats false there?
openssl certificates hashsum
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
I want to generate a self-signed certificate with SHA256 or SHA512, but I have problems with it. I have created a script, which should does this automatically:
#!/bin/bash
set -e
echo "WORKSPACE: $WORKSPACE"
SSL_DIR=$(pwd)/httpd_ssl_certs
OPENSSL_CNF=$(pwd)/openssl.cnf
if [ -d "$SSL_DIR" ]; then
rm -rvf "$SSL_DIR"
fi
mkdir -vp "$SSL_DIR"
pushd "$SSL_DIR"
# check if openssl.cnf exists
if [ ! -f "$OPENSSL_CNF" ]; then
echo "Could not find $OPENSSL_CNF. Build will be exited."
exit 1
fi
echo " - create private key"
openssl genrsa -out server.key.template 2048
echo " - create signing request"
openssl req -nodes -new -sha256 -config $OPENSSL_CNF -key server.key.template -out server.csr.template
echo " - create certificate"
openssl x509 -req -in server.csr.template -signkey server.key.template -out server.crt.template -extfile $OPENSSL_CNF
And I have a openssl.cnf file with configuration for it:
[ ca ]
default_ca = CA_default
[ CA_default ]
# how long to certify
default_days = 365
# how long before next CRL
default_crl_days = 30
# use public key default MD
default_md = sha256
# keep passed DN ordering
preserve = no
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional
[ req ]
default_bits = 2048
default_keyfile = server.key.template
distinguished_name = req_distinguished_name
prompt = no
encrypt_key = no
# add default_md to [ req ] for creating certificates with SHA256
default_md = sha256
[ req_distinguished_name ]
countryName = "AB"
stateOrProvinceName = "CD"
localityName = "Some town"
organizationName = "XXX Y"
organizationalUnitName = "XXX Y"
commonName = "localhost"
emailAddress = "somemail@some.org"
When I run the script with this openssl.cnf, then I get a certifiacte, but this certificate is always encrypted with SHA1. I checked it with this command: openssl x509 -in server.crt.template -text -noout | grep 'Signature. I always get this output:
Signature Algorithm: sha1WithRSAEncryption
Signature Algorithm: sha1WithRSAEncryption
Can someone give me a hint, whats false there?
openssl certificates hashsum
openssl certificates hashsum
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
edited Jan 8 '17 at 23:36
Gilles
546k13011121625
546k13011121625
asked Oct 17 '16 at 12:17
kristiankristian
42531018
asked Oct 17 '16 at 12:17
kristiankristian
42531018
asked Oct 17 '16 at 12:17
kristiankristian
42531018
42531018
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16
add a comment |
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16
add a comment |
1 Answer
1
active
oldest
votes
The following is my pertinent notes on generating, albeit not certificates themselves, a Certificate Signing Request (CSR) with openssl.
The syntax with placeholders looks like this:
openssl req -new -newkey rsa:4096 -sha256 -nodes -out
DOMAIN.TLD.rsa.csr -keyout DOMAIN.TLD.rsa.pkey -subj
"/C=US/ST=/L=CITY/O=COMPANY-NAME/CN=DOMAIN.TLD"
This is the exact command I used to generate my own CSR, which I give to my SSL certificate provider.
openssl req -new -newkey rsa:4096 -sha256 -nodes -out rustbeltrebellion.com.csr -keyout rustbeltrebellion.rsa.pkey -subj "/C=US/ST=OHIO/L=EASTLAKE/O=RUSTBELTREBELLION/CN=RUSTBELTREBELLION.COM"
The benefit of a CSR is that your private key stays more private. I am aware of only two ways to create a certificate-- by running your private key through the openssl library or your CSR through the openssl library. Both give you a functionally identical certificate when the dust settles. One allows your private key to remain private (the CSR does that).
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f316952%2fproblems-in-creating-certificate-with-sha256-sha512%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The following is my pertinent notes on generating, albeit not certificates themselves, a Certificate Signing Request (CSR) with openssl.
The syntax with placeholders looks like this:
openssl req -new -newkey rsa:4096 -sha256 -nodes -out
DOMAIN.TLD.rsa.csr -keyout DOMAIN.TLD.rsa.pkey -subj
"/C=US/ST=/L=CITY/O=COMPANY-NAME/CN=DOMAIN.TLD"
This is the exact command I used to generate my own CSR, which I give to my SSL certificate provider.
openssl req -new -newkey rsa:4096 -sha256 -nodes -out rustbeltrebellion.com.csr -keyout rustbeltrebellion.rsa.pkey -subj "/C=US/ST=OHIO/L=EASTLAKE/O=RUSTBELTREBELLION/CN=RUSTBELTREBELLION.COM"
The benefit of a CSR is that your private key stays more private. I am aware of only two ways to create a certificate-- by running your private key through the openssl library or your CSR through the openssl library. Both give you a functionally identical certificate when the dust settles. One allows your private key to remain private (the CSR does that).
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
add a comment |
The following is my pertinent notes on generating, albeit not certificates themselves, a Certificate Signing Request (CSR) with openssl.
The syntax with placeholders looks like this:
openssl req -new -newkey rsa:4096 -sha256 -nodes -out
DOMAIN.TLD.rsa.csr -keyout DOMAIN.TLD.rsa.pkey -subj
"/C=US/ST=/L=CITY/O=COMPANY-NAME/CN=DOMAIN.TLD"
This is the exact command I used to generate my own CSR, which I give to my SSL certificate provider.
openssl req -new -newkey rsa:4096 -sha256 -nodes -out rustbeltrebellion.com.csr -keyout rustbeltrebellion.rsa.pkey -subj "/C=US/ST=OHIO/L=EASTLAKE/O=RUSTBELTREBELLION/CN=RUSTBELTREBELLION.COM"
The benefit of a CSR is that your private key stays more private. I am aware of only two ways to create a certificate-- by running your private key through the openssl library or your CSR through the openssl library. Both give you a functionally identical certificate when the dust settles. One allows your private key to remain private (the CSR does that).
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
add a comment |
The following is my pertinent notes on generating, albeit not certificates themselves, a Certificate Signing Request (CSR) with openssl.
The syntax with placeholders looks like this:
openssl req -new -newkey rsa:4096 -sha256 -nodes -out
DOMAIN.TLD.rsa.csr -keyout DOMAIN.TLD.rsa.pkey -subj
"/C=US/ST=/L=CITY/O=COMPANY-NAME/CN=DOMAIN.TLD"
This is the exact command I used to generate my own CSR, which I give to my SSL certificate provider.
openssl req -new -newkey rsa:4096 -sha256 -nodes -out rustbeltrebellion.com.csr -keyout rustbeltrebellion.rsa.pkey -subj "/C=US/ST=OHIO/L=EASTLAKE/O=RUSTBELTREBELLION/CN=RUSTBELTREBELLION.COM"
The benefit of a CSR is that your private key stays more private. I am aware of only two ways to create a certificate-- by running your private key through the openssl library or your CSR through the openssl library. Both give you a functionally identical certificate when the dust settles. One allows your private key to remain private (the CSR does that).
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
The following is my pertinent notes on generating, albeit not certificates themselves, a Certificate Signing Request (CSR) with openssl.
The syntax with placeholders looks like this:
openssl req -new -newkey rsa:4096 -sha256 -nodes -out
DOMAIN.TLD.rsa.csr -keyout DOMAIN.TLD.rsa.pkey -subj
"/C=US/ST=/L=CITY/O=COMPANY-NAME/CN=DOMAIN.TLD"
This is the exact command I used to generate my own CSR, which I give to my SSL certificate provider.
openssl req -new -newkey rsa:4096 -sha256 -nodes -out rustbeltrebellion.com.csr -keyout rustbeltrebellion.rsa.pkey -subj "/C=US/ST=OHIO/L=EASTLAKE/O=RUSTBELTREBELLION/CN=RUSTBELTREBELLION.COM"
The benefit of a CSR is that your private key stays more private. I am aware of only two ways to create a certificate-- by running your private key through the openssl library or your CSR through the openssl library. Both give you a functionally identical certificate when the dust settles. One allows your private key to remain private (the CSR does that).
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
answered Apr 5 at 16:30
BradChesney79BradChesney79
1263
1263
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
add a comment |
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
Yeah, it is likely that the poster has either has solved the problem already or of course the only possible alternative is that kristian died. Anyway, this is for anyone that stumbles on it later.
– BradChesney79
Apr 5 at 17:36
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f316952%2fproblems-in-creating-certificate-with-sha256-sha512%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
What is the output of openssl list-message-digest-algorithms? Does it contain RSA-SHA256 => SHA256?
– MariusMatutiae
Oct 17 '16 at 13:04
@MariusMatutiae Yes.
– kristian
Oct 17 '16 at 13:10
On Debian and Arch (version 1.0.2j) I cannot reproduce the problem. You may wish to re-install the openssl package.
– MariusMatutiae
Oct 17 '16 at 14:16