Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/x509: add SubjectKeyId automatically when IsCA is true #26676
RFC 5280 provides a recommended algorithm to generate the SubjectKeyID, and since these are new public keys, we could use it to set it by default. It's mostly useful for CAs, so we can do it only when IsCA is true. We already automatically set AuthorityKeyID when the parent has SubjectKeyId.
Section 188.8.131.52 of RFC 5280 says this is a MUST for CAs.