The new subject hash openssl algorithm differs
问题 I am running into an issue when managing openssl certificates from Java Framework. openssl x509 -subject_hash ... output differs to the one that Java framework returns when calling X509_NAME_hash() , see below. The reason for this is that openssl changed the way it calculates the SHA1. Now, instead of basing the hash in the ASN.1 DER representation of the subject, as it does for MD5, it first calculates the CANONICAL representation and then based on that, it calculates the ASN.1 DER, and then