community.crypto.x509_crl // add X509v3_extensions in crl #648

nehart · 2023-08-13T06:03:42Z

SUMMARY

I am missing in the following CRL (created with the Ansible module community.crypto.x509_crl) ...

root@srv01# openssl crl -inform PEM -text -noout -in dummy-0000000001/100-rootCA-dummy-0000000001.crl    
Certificate Revocation List (CRL):
        Version 2 (0x1)
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN = whatever.net
        Last Update: Aug 13 05:21:43 2023 GMT
        Next Update: Aug 10 05:21:43 2033 GMT
Revoked Certificates:
    Serial Number: 529654792684CE72BAFFFE9F8F40EB93567D4CF6
        Revocation Date: Aug 12 00:22:46 2023 GMT
    Signature Algorithm: ecdsa-with-SHA256
         [....]:b2:42:14:d2:7e:02:[....]

... the "Authority Key Identifier [keyid]" from the rootCA. Something like ...

[....]
        CRL extensions:
            X509v3 Authority Key Identifier: 
                keyid:[...]:3F:5E:B4:[...]
[....]

Is there a change to get this feature in one of the next updates?

ISSUE TYPE

Feature Idea

The text was updated successfully, but these errors were encountered:

felixfontein added the enhancement New feature or request label Aug 13, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

community.crypto.x509_crl // add X509v3_extensions in crl #648

community.crypto.x509_crl // add X509v3_extensions in crl #648

nehart commented Aug 13, 2023

community.crypto.x509_crl // add X509v3_extensions in crl #648

community.crypto.x509_crl // add X509v3_extensions in crl #648

Comments

nehart commented Aug 13, 2023

SUMMARY

ISSUE TYPE