certificateHashes

A list of composite signed hashes that identify certificates.

A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.

The following example shows how to calculate a hash for this parameter using OpenSSL commands:

openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs

openssl sha384 < childCert.tbs -binary > childCertTbsHash

openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs

openssl sha384 < parentCert.tbs -binary > parentCertTbsHash

xxd -p childCertTbsHash > certificateHash.hex

xxd -p parentCertTbsHash >> certificateHash.hex

cat certificateHash.hex | tr -d '\n'
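The same calculation as an added Python example (not part of the original documentation). It goes beyond the commands above by reading the DER length header to locate the TBS instead of assuming the fixed offset used with `-strparse 4`. All function names are hypothetical, and the sample inputs are constructed DER stand-ins, not real X.509 certificates.

```python
import hashlib

def _element(der, off):
    """Return (content_start, end) of the DER element that begins at off."""
    if off + 2 > len(der):
        raise ValueError("truncated DER")
    first = der[off + 1]
    if first < 0x80:                      # short-form length
        start, length = off + 2, first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        start = off + 2 + n
        if n == 0 or n > 4 or start > len(der):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(der[off + 2:start], "big")
    if start + length > len(der):
        raise ValueError("element runs past end of input")
    return start, start + length

def tbs_bytes(cert_der):
    """Return the TBSCertificate, header included (first element of the outer SEQUENCE)."""
    if not cert_der or cert_der[0] != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    start, end = _element(cert_der, 0)
    if start >= end or cert_der[start] != 0x30:
        raise ValueError("TBSCertificate SEQUENCE not found")
    _, tbs_end = _element(cert_der, start)
    return cert_der[start:tbs_end]

def certificate_hash(child_der, parent_der=None):
    """Hex SHA-384(child TBS) followed by SHA-384(parent TBS); a root is its own parent."""
    parent_der = child_der if parent_der is None else parent_der
    return "".join(hashlib.sha384(tbs_bytes(c)).hexdigest() for c in (child_der, parent_der))

def der_seq(content):
    """Constructed-sample helper: wrap content in a DER SEQUENCE."""
    n = len(content)
    size = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return b"\x30" + length + content

# Constructed stand-ins (not real certificates): TBS, empty algorithm, empty signature.
CHILD_TBS = der_seq(b"\x02\x01\x01" + b"\x04\x82\x01\x00" + bytes(256))   # TBS at offset 4
PARENT_TBS = der_seq(b"\x02\x01\x02")                                     # TBS at offset 2
CHILD = der_seq(CHILD_TBS + der_seq(b"") + b"\x03\x01\x00")
PARENT = der_seq(PARENT_TBS + der_seq(b"") + b"\x03\x01\x00")

if __name__ == "__main__":
    print(certificate_hash(CHILD, PARENT))   # 192 hex characters (2 x 48 bytes)
```

For real certificates, decode the PEM body from Base64 to DER before passing it to `certificate_hash`.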