x509 chain verification which fields are sufficient
To perform the chain verfiction between rootCA, IssueCA, endentity CA which fields should be common, Note: doing through code, not from command line.
Below is the extracted part from generated certs, these are matching, are these ok or any other fields I should match.
RootCa:
Issuer: CN = Root CA
Subject: CN = Root CA
X509v3 Subject Key Identifier:
C8:30:2B:6C:2B:55:9F:F4:D1:10:66:CF:5B:69:C4:87:7C:D7:08:7D
X509v3 Basic Constraints: critical
CA:TRUE
IssueCA: Issuer: CN = Root CA Subject: CN = Intermediate CA X509v3 Subject Key Identifier: 7E:5E:89:FB:7A:4B:A5:5C:49:9A:7E:FA:BB:70:6B:E3:F2:AD:D9:42 X509v3 Authority Key Identifier: C8:30:2B:6C:2B:55:9F:F4:D1:10:66:CF:5B:69:C4:87:7C:D7:08:7D X509v3 Basic Constraints: critical CA:TRUE
endentityCA: Issuer: CN = Intermediate CA X509v3 Authority Key Identifier: 7E:5E:89:FB:7A:4B:A5:5C:49:9A:7E:FA:BB:70:6B:E3:F2:AD:D9:42
Just for more info I am printing the Hash
//endentityca
Certificate hash: EB20023FF2E600C95B1758EAD9C09648C9BAAB99
Issuer hash: D19EDD09C8F3985F81A9166EF1F6E96FABF207F1
//Issueca
Certificate hash: 8A56AFDB22F247EB1654AE964B9A58AFF6882B6E
Issuer hash: 14E182E751107EFBF747205FFAEBD12E7E26C14D
//rootca
Certificate hash: DD01B68BF95A952DA11E41D1564FF46C3264D1D9
Issuer hash: 14E182E751107EFBF747205FFAEBD12E7E26C14D
Root CA self-signed certificate verification successful.