Actions
Bug #4860
closedCRLs missing authorityKeyIdentifier
Start date:
07/21/2015
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
Description
CRLs generated by the built-in certificate manager should include authorityKeyIdentifier. This was changed in openssl.cnf, but isn't getting picked up when creating CRLs in the built-in cert manager. The openssl_crl* functions don't seem to take an args array the way the other openssl_* functions do (where "x509_extensions" => "crl_ext" in $args array would suffice).
Updated by Renato Botelho almost 10 years ago
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
Fixed, please try next snaps
Updated by Chris Buechler almost 10 years ago
looks good, works with IPsec now, and still works with OpenVPN. want to get additional feedback and testing before closing out.
Actions