APPS do_X509_sign()
: is it complete w.r.t. RFC 5280 compliance?
#19805
Labels
triaged: question
The issue contains a question
Meanwhile,
do_X509_sign()
makes sure that, by default, subject key identifier (SKID) and issuer key identifier (AKID) are added as far as required by RFC 5280. I also makes sure that X.509 version 3 is set whenever X.509 extensions are included.Is there anything else the function should do for ensuring RFC 5280 compliance for new certs by default?
The text was updated successfully, but these errors were encountered: