Hi
I am using following sequence of x509 calls to generate self signed
certificate from existing original certificate in DER format.
X509 *cert;
X509 *orig_cert;
orig_cert = d2i_X509_fp("orignal_cert.der", NULL);
cert = d2i_X509_fp("orignal_cert.der", NULL);
/* Set Issuer name same as subject name of original certificate */
X509_set_issuer_name( cert, X509_get_subject_name(orig_cert);
/* Delete extensions */
while (X509_get_ext_count(cert) > 0)
X509_delete_ext(cert, 0);
/* Set public key */
/* Get certificate signed */
/* Write into file */
i2d_X509_fp(FP, cert);
I find that generated certificate is same as original certificate and my
modifications are
not there in generated certificate. These sequence used to work in
openssl-0.9.8n.
Looks like openssl API, caching DER encoded name strings when called
d2i_X509 and
using it during i2d_X509 calls.
Does anybody knows, what have changed in 1.0.1c because of that
modification in X509
structure is not reflecting when convert it to back DER format?
thanks
Pankaj
