One of our developers here has noticed a change in behavior.
This pair of commands used to work as expected, but in 1.0.0 and later the resulting cert is self-signed, and not signed by the CA key. openssl req -x509 -days 999 -keyout req.key -out req.pem \ -subj /CN=testme -nodes -new -newkey rsa:2048 openssl x509 -in req.pem -CA cacert.pem \ -CAkey cakey.pem -set_serial 1234 -out cert.pem Any thoughts? /r$ -- Principal Security Engineer Akamai Technology Cambridge, MA