On Sat, Mar 1, 2014 at 7:29 AM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Sat, Mar 01, 2014, Jeffrey Walton wrote: > >> I'm building a ca cert following .../demos/mkcert.c. The program is failing >> at: >> >> X509_EXTENSION* ex4 = >> X509V3_EXT_conf_nid(NULL, NULL, NID_subject_key_identifier, "hash"); >> err = ERR_get_error(); >> ... >> >> $ openssl errstr 0x22073072 >> error:22073072:X509 V3 routines:S2I_SKEY_ID:no public key >> >> The public key was set earlier with the private key as in mkcert.c. >> >> I also tried with X509V3_EXT_nconf_nid, but got the same error. >> >> ... >> >> Any ideas what is causing the 0x22073072 error? >> > > The extension code needs access to the public key in order to create the SKID. > > This is done using the X509V3_CTX parameter to X509V3_EXT_conf_nid which > you've set to NULL. > > See the add_ext function in mkcert.c for details of how to set it up. Thanks Doctor.
So I'm clear: there is no cleanup on the X509V3_CTX? I could not find a X509V3_CTX_free() or similar function. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
