On Sat, Mar 1, 2014 at 1:14 AM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Sat, Mar 01, 2014 at 01:02:28AM -0500, Jeffrey Walton wrote: > >> X509_EXTENSION* ex4 = >> X509V3_EXT_conf_nid(NULL, NULL, NID_subject_key_identifier, "hash"); >> err = ERR_get_error(); >> ... >> >> $ openssl errstr 0x22073072 >> error:22073072:X509 V3 routines:S2I_SKEY_ID:no public key > > Too many NULL arguments, the certificate context is missing. At > a minimum, you need: > > X509V3_CTX v3ctx; > X509 *issuer = ...; > X509 *subject = ...; > > X509V3_set_ctx(&v3ctx, issuer, subject, 0, 0, 0); > X509V3_EXT_conf_nid(0, &v3ctx, nid, val)); > > some extensions require additional context via the (first) > configuration hash argument, but the above is sufficient to compute > a subject key id, in which case the issuer can be 0, but the subject > may not. Other extensions may need the issuer cert too. > Perfect, thank you very much. It was the missing X509V3_CTX.
Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
