Fix the AuthorityKeyIdentifier Issuer for Bouncy Castle CertificateBu…

…ilder.

Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/CertificateBuilder.cs

@@ -271,16 +271,19 @@ private void CreateDefaults(IRandomGenerator random = null)
         private void CreateMandatoryFields(X509V3CertificateGenerator cg)
         {
             m_subjectDN = new CertificateFactoryX509Name(SubjectName.Name);
-            // subject and issuer DN
+            // subject and issuer DN, issuer of issuer for AKI
             m_issuerDN = null;
+            m_issuerIssuerAKI = null;
             if (IssuerCAKeyCert != null)
             {
                 m_issuerDN = new CertificateFactoryX509Name(IssuerCAKeyCert.Subject);
+                m_issuerIssuerAKI = new CertificateFactoryX509Name(IssuerCAKeyCert.Issuer);
             }
             else
             {
                 // self signed 
                 m_issuerDN = m_subjectDN;
+                m_issuerIssuerAKI = m_subjectDN;
             }
             cg.SetIssuerDN(m_issuerDN);
             cg.SetSubjectDN(m_subjectDN);
@@ -332,7 +335,7 @@ private void CreateExtensions(X509V3CertificateGenerator cg, AsymmetricKeyParame
 
             cg.AddExtension(Org.BouncyCastle.Asn1.X509.X509Extensions.AuthorityKeyIdentifier.Id, false,
                 new AuthorityKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerPublicKey),
-                    new GeneralNames(new GeneralName(m_issuerDN)), issuerSerialNumber));
+                    new GeneralNames(new GeneralName(m_issuerIssuerAKI)), issuerSerialNumber));
 
             if (!m_isCA)
             {
@@ -492,6 +495,7 @@ private void NewSerialNumber(IRandomGenerator random)
 
         #region Private Fields
         private X509Name m_issuerDN;
+        private X509Name m_issuerIssuerAKI;
         private X509Name m_subjectDN;
         #endregion
     }