On Fri, Mar 21, 2014 at 07:21:50PM +0000, Kyle Tinker wrote:
> *How do I trust two certificates with an identical subject (but
> different hashes) at the same time?*
Give them different key identifiers. When determining whether a
given certificate is issued by a given authority, OpenSSL will
compare child issuer with parent's subject *and* child's authority
key id with parent's subject key id. The child's AKID can also
include the parent's serial number.
Some people add a serial number attribute to the subject DN. The
commonName is the same, but the full subject DN is different for
each instance of the certificate.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
