Project

General

Profile

Actions
Copy link

Bug #4860

closed

CRLs missing authorityKeyIdentifier

Added by Chris Buechler almost 10 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Renato Botelho
Category:
Certificates
Target version:
2.2.4
Start date:
07/21/2015
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

CRLs generated by the built-in certificate manager should include authorityKeyIdentifier. This was changed in openssl.cnf, but isn't getting picked up when creating CRLs in the built-in cert manager. The openssl_crl* functions don't seem to take an args array the way the other openssl_* functions do (where "x509_extensions" => "crl_ext" in $args array would suffice).

Actions
Copy link
 #1

Updated by Renato Botelho almost 10 years ago

  • Assignee set to Renato Botelho

Checking

Actions
Copy link
 #2

Updated by Renato Botelho almost 10 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100

Fixed, please try next snaps

Actions
Copy link
 #3

Updated by Chris Buechler almost 10 years ago

looks good, works with IPsec now, and still works with OpenVPN. want to get additional feedback and testing before closing out.

Actions
Copy link
 #4

Updated by Chris Buechler almost 10 years ago

  • Status changed from Feedback to Resolved

fixed

Actions
Copy link

Also available in: Atom PDF