What does the MESSAGE DIGEST mean in openssl? Is there any difference between -sha256 and none? openssl req -new -nodes -out req.csr -keyout cert.key -sha256 -newkey rsa:2048
Message digest is used to guarantee the authenticity of a sent message. The sender calculates a message digest from the sent message using the agreed algorithm (such as SHA256) and sends the digest along with the message (there are more details of how it's actually done but this is the rough idea). The recipient calculates the same digest from the message they received using the same agreed algorithm and compares the two digests, if they match the message is considered authentic.
The verification is an integral part of many secure protocols such as SSL/TLS when used with HTTP/IMAP/POP/etc. and for example the TLS protocol used by OpenVPN.
In case of certificates like you're creating there (via a CSR) the selected algorithm sets the "Certificate Signature Algorithm" used in created certificate.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.