Hi, When I generate a CRL form an intermediate CA the issuer for the CRL is the "issuer" of the intermediate CA, although the CRL is signed with the intermediate CA key. So I looked in the CA source code and that's what I found:
apps/ca.c:1459 if (!X509_CRL_set_issuer_name(crl, X509_get_issuer_name(x509))) goto err; Shouldn't it be if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err; I'm using 0.9.7 beta3. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
