|
Hi,
When I generate a CRL form an intermediate CA the
issuer for the CRL is the "issuer" of the intermediate CA, although the CRL is
signed with the intermediate CA key.
So I looked in the CA source code and that's what I
found:
apps/ca.c:1459
if (!X509_CRL_set_issuer_name(crl,
X509_get_issuer_name(x509))) goto err;
Shouldn't it be
if (!X509_CRL_set_issuer_name(crl,
X509_get_subject_name(x509))) goto err;
I'm using 0.9.7 beta3.
Thanks.
|
