Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix the AuthorityKeyIdentifier Issuer for Bouncy Castle CertificateBu…
…ilder. (#1677) - The missing fix in 6747b47 for the bouncy castle certificate builder which was used in .NET Core 2.1 (eol) and .NET 4.6.2, unnoticed in the tests because windows only uses the keyId to validate the chain. - AuthorityKeyIdentifier in the SubCA contains the SubjectName of the Issuer instead of the IssuerName. Also an application certificate that is signed by a SubCA would contain the false information. - The false information has no effect on Windows and macOS, however on linux OpenSSL tests all fields and a chain cannot be fully validated.
- Loading branch information