Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
crypto/x509: CRL generated by Certificate.CreateCRL is still version 1 #13931
I think majority applications today that use certificate/CRL uses (or expects) version 2.
following is the snip of a CRL generated by Go 1.5.2 on windows/amd64:
What's happening is that v2 is being specified, but it's also set as the default value of that ASN.1 element. Therefore it's not getting written because it's the default and the element is optional.
OpenSSL considers the default to be v1 and the RFC doesn't say. https://go-review.googlesource.com/#/c/20544/ sets the default to be v1 so that the version will get written out.