问题
I am following the instructions on how to import a certificate with its whole chain into a keystore. The problem I face is that I do not have c_rehash on my system:
user@hostanme$ c_rehash ./certs
-bash: c_rehash: command not found
I have found the -subject_hash option of openssl x509, but I am not sure how to use it to replicate whatever c_rehash does.
How can I hash the certificate directory without the c_rehash command/script?
回答1:
c_rehash needs "perl" for execution. If you can not run c_rehase, try below.
use "openssl" in the Shell file
for file in *.pem; do ln -s "$file" "$(openssl x509 -hash -noout -in "$file")".0; done
回答2:
user@hostanme$ c_rehash ./certs
-bash: c_rehash: command not found
You either need to install OpenSSL (perhaps a developer version) or you need to put its bin/ directory on path:
$ find /usr -iname c_rehash
/usr/bin/c_rehash
/usr/local/ssl/darwin/bin/c_rehash
/usr/local/ssl/macosx-x64/bin/c_rehash
/usr/local/ssl/macosx-x86/bin/c_rehash
And be sure you use the correct one. If I recall correctly, OpenSSL 0.9.8 uses MD5, while OpenSSL 1.0.0 and above use SHA1.
回答3:
The c_rehash command is available in the openssl-perl package
Source: https://bugzilla.redhat.com/show_bug.cgi?id=461123 Verified on RHEL7
来源:https://stackoverflow.com/questions/25889341/what-is-the-equivalent-of-unix-c-rehash-command-script-on-linux