Yes, it's definitely optional.
The most common keyIdentifier's that I have seen are based, well, on the key :)
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me; Twitter: RichSalz
_
On Fri, Jun 13, 2014, Carl Young wrote:
>
> Hi,
>
> I am looking for advice for an application using openssl, but it's not an
> openssl problem.
>
> We have a situation where an external company has provided us with
> authentication certificates from a subCA and we have all the cert's back up
On Fri, Nov 28, 2003, Maria Dolores Moral wrote:
> Hello list,
> I´m working in my end of degree project, it´s about security, and of course
> I´m working with openssl. I need to obtain a value of authority key
> identifier, which identificate this from the others,and I have a X509v3
> certificate
