On Sun, Aug 7, 2011 at 8:29 PM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Sun, Aug 07, 2011, Luke Kenneth Casson Leighton wrote: > >> >> * standard openssl functions which set the authority key identifier >> seem to not allow direct setting of the keyid. any clues on how to do >> that? >> > > You create an AUTHORITY_KEYID structure and populate it. Then you can call > X509_add1_ext_i2d().
ahh, you're a star. >> > If you have a certificate issued by the same CA that would make things >> > easier >> > but it would still be a rather hit and miss affair. >> >> i'm looking for it... :) >> > > The CA certificate would help too, you could use its subject DN directly. i believe this is a CA certificate - it's just a non-standard one, so is preventing access to a publicly accessible published well-known HTTPS resource. so yes i've got the subject DN. > You will at least know when you've got it right: the signatures will match. yyep, i figured that bit he he. i'm almost there. dates and serial number are the last two fields. l. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
