On Fri, Mar 21, 2014 at 07:21:50PM +0000, Kyle Tinker wrote: > *How do I trust two certificates with an identical subject (but > different hashes) at the same time?*
Give them different key identifiers. When determining whether a given certificate is issued by a given authority, OpenSSL will compare child issuer with parent's subject *and* child's authority key id with parent's subject key id. The child's AKID can also include the parent's serial number. Some people add a serial number attribute to the subject DN. The commonName is the same, but the full subject DN is different for each instance of the certificate. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org