CRL issuer does not match CA subject

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello!

I'm creating a small PKI following the guide here: https://jamielinux.com/docs/openssl-certificate-authority

The intermediate CA cert is created with:
openssl ca -config $ROOT_CONF -extensions v3_intermediate_ca -days 3650 -notext -md sha256

If I then dump the cert, I see that subject line is
Subject: C = us, ST = ca, O = test, CN = intermediate CA

I then create the CRL using:
openssl ca -config $INTRMDT_CONF -gencrl -out  $INTRMDT_CRL

When I dump the CRL, though, the issuer is
Issuer: /C=us/ST=ca/O=test/CN=intermediate ca

When I put my certificate through https://certificate.revocationcheck.com/, it complains that the CRL issuer and intermediate CA subject don't match byte for byte.

Is there a way to have both generated with the same formatting? I looked through my configuration files and couldn't find anything that would explain the difference. I think it works anyways, but it would be nice to have them match...

Best regards,

Aram

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux