projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
APPS/x509: Fix generation of AKID via v2i_AUTHORITY_KEYID()
[openssl.git] / apps / x509.c
diff --git a/apps/x509.c b/apps/x509.c
index 1f8a157c0e9683440cfcf1bac58dae6ff8ac5744..b88fb4f5eabec897da697c63784f82b6d26774c8 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -822,7 +822,12 @@ int x509_main(int argc, char **argv)
             goto end;
     }
 
-    X509V3_set_ctx(&ext_ctx, issuer_cert, x, req, NULL, X509V3_CTX_REPLACE);
+    X509V3_set_ctx(&ext_ctx, issuer_cert, x, NULL, NULL, X509V3_CTX_REPLACE);
+    /* prepare fallback for AKID, but only if issuer cert equals subject cert */
+    if (CAfile == NULL) {
+        if (!X509V3_set_issuer_pkey(&ext_ctx, privkey))
+            goto end;
+    }
     if (extconf != NULL && !x509toreq) {
         X509V3_set_nconf(&ext_ctx, extconf);
         if (!X509V3_EXT_add_nconf(extconf, &ext_ctx, extsect, x)) {
Unnamed repository; edit this file 'description' to name the repository.