tl;dr: I fixed p11-capi to support SHA-256, thus making it useful again. In doing so, I basically acquired custodianship of an open source project.
p11-capi now supports SHA-256
4 Replies
Category Archives: PKI
What happens when you sign a PKI server certificate with another (non-CA) server cert?
tl;dr For years, I have wondered what would happen if you tricked OpenSSL into signing a server certificate with a non-CA cert. Unsurprisingly, nothing useful. Interesting, but not useful. Continue reading