I'm trying to get the SSL serial number from a certificate but windows is displaying leading zeros but unix is not, I'm using openssl x509 in unix to extract the serial number, do you know why or how could solve this issue?
Unix Example:
openssl x509 -noout -in ssl.extracted.crt -serial
Unix Output Example:
D01E408B
Open the certififcate in windows and looks like this the serial number:
00D01E408B
Integers don't have leading zeros. Octet strings representing integers (in non-DER form) might have leading zeros, but you should not confuse the data type with its representation. OpenSSL outputs the correct DER form of the serial number in certificates.
Leading zeros are needed in the DER representation of positive integers whose most significant nibble is in the range from 8 to F. Otherwise the leading bit would cause the integer to be interpreted as negative. Source
You can explore the actual content of the certificate with openssl asn1parse.
