On Sun, Aug 07, 2011, Luke Kenneth Casson Leighton wrote: > > * standard openssl functions which set the authority key identifier > seem to not allow direct setting of the keyid. any clues on how to do > that? >
You create an AUTHORITY_KEYID structure and populate it. Then you can call X509_add1_ext_i2d(). > > If you have a certificate issued by the same CA that would make things > > easier > > but it would still be a rather hit and miss affair. > > i'm looking for it... :) > The CA certificate would help too, you could use its subject DN directly. You will at least know when you've got it right: the signatures will match. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
