I'm try to understand how the Certificated works in the https protocol.
With wireshark, I can capture the certificates, first,I export the singedCertificate, and calculate the hash value; Second, I export the encrypted data, and decrypt it with the public key, the result should equal to the hash of signedCertificate.
This is an example of the decryption:
3021300906052b0e03021a05000414a1038465d47c003d8540ec33879f86e24c43b21a
I found that "a1038465d47c003d8540ec33879f86e24c43b21a" equal to the hash of the signedCertificate, but the head "3021300906052b0e03021a05000414" seemed something relates to the method of hash and encryption.
So, my question is,what's the format of this "a1038465d47c003d8540ec33879f86e24c43b21a".
finally I solve this question. It's so easy, open the file with wireshark, then everything looks fine.