Robert Joop wrote:
>
>
> the user cert has the user CA's DN in the issuer DN (CN=User CA) and
> the root CA's DN in the authority key identifier "DirName" (CN=Test-CA
> (G4)), see the attached example.
> but the user cert's authority key identifier "keyid" is the user CA
> cert's subject key ide
On 02-03-19 23:05:52 CET, Dr S N Henson wrote:
> I can't see how that can happen. The ca command only passes the issuing
> CA certificate to the extension routines. It does not have access to any
> other CA certificate. It fills in the authority key identifier by
> extracting the issuer name of th
Michael Bell wrote:
>
> Dr S N Henson schrieb:
> >
> > Michael Bell wrote:
> > >
> > > Hi,
> > >
> > > I found a bug in openssl ca. If you set authorityKeyIdentifier to
> > > keyid and issuer always then the keyid will be set correctly but the
> > > issuer is wrong.
> > >
> > > Example:
> > >
> >
Dr S N Henson schrieb:
>
> Michael Bell wrote:
> >
> > Hi,
> >
> > I found a bug in openssl ca. If you set authorityKeyIdentifier to
> > keyid and issuer always then the keyid will be set correctly but the
> > issuer is wrong.
> >
> > Example:
> >
> > Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA
Michael Bell wrote:
>
> Hi,
>
> I found a bug in openssl ca. If you set authorityKeyIdentifier to
> keyid and issuer always then the keyid will be set correctly but the
> issuer is wrong.
>
> Example:
>
> Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA --> User
>
> If I issue a certificate for
Hi,
I found a bug in openssl ca. If you set authorityKeyIdentifier to
keyid and issuer always then the keyid will be set correctly but the
issuer is wrong.
Example:
Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA --> User
If I issue a certificate for a user then the issuer of the CA-cert
is the
