diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2000-08-24 23:24:18 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2000-08-24 23:24:18 +0000 |
| commit | d428bf8c568c617bb3c3bd0ac3b326298e7b34b9 (patch) | |
| tree | b2941d622c7d4dbd526afa82a9308016a04321fe /apps | |
| parent | d096b524afbdc371032d96d22f1686d88bfba0e9 (diff) | |
New option to CA.pl to sign request using CA extensions.
This allows intermediate CAs to be created more easily.
PKCS12_create() now checks private key matches certificate.
Fix typo in x509 app.
Update docs.
New function ASN1_STRING_to_UTF8() converts any ASN1_STRING
type to UTF8.
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/CA.pl.in | 5 | ||||
| -rw-r--r-- | apps/x509.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/apps/CA.pl.in b/apps/CA.pl.in index 4eef57e6e3..7781067d6a 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -116,6 +116,11 @@ foreach (@ARGV) { "-infiles newreq.pem"); $RET=$?; print "Signed certificate is in newcert.pem\n"; + } elsif (/^(-signCA)$/) { + system ("$CA -policy policy_anything -out newcert.pem " . + "-extensions v3_ca -infiles newreq.pem"); + $RET=$?; + print "Signed CA certificate is in newcert.pem\n"; } elsif (/^-signcert$/) { system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " . "-out tmp.pem"); diff --git a/apps/x509.c b/apps/x509.c index a071b20f40..4da4feba70 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -611,7 +611,7 @@ bad: } else if (subject == i) { - print_name(STDout, "issuer= ", + print_name(STDout, "subject= ", X509_get_subject_name(x), nmflag); } else if (serial == i) |