Skip to content. | Skip to navigation

Personal tools

Sections
You are here: Home / Sonstiges / Usefull insigths / openssl 0.9.8 to openssl 1.0.x CA certificates stop working

openssl 0.9.8 to openssl 1.0.x CA certificates stop working

You will _not_ have this problem if you completely reinstall everything.

Using a binary linked to libssl 1.x in an 0.9.8 environment will show all certificates as invalid. This is because the root certificates are hashed with a different hash function in 1.x.

You have to download the 1.x distro from openssl.org, Then call the included c_rehash as "c_rehash -n <the certs directory>". You must use the one from the download, not the default one AND  make sure the OPENSSL environment variable points to a 1.x openssl binary. Then -n will prevent the old links from beeing deleted, so your 0.9.8 software will continue to operate.