Loading CHANGES +7 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,13 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1 for the first serial number and places 2 in the serial number file. This avoids problems when the root CA is created with serial number zero and the first user certificate has the same issuer name and serial number as the root CA. [Steve Henson] *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses the new code. Add documentation for this stuff. [Steve Henson] Loading apps/x509.c +2 −2 Original line number Diff line number Diff line Loading @@ -943,8 +943,8 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, } else { ASN1_INTEGER_set(bs,0); BN_zero(serial); ASN1_INTEGER_set(bs,1); BN_one(serial); } } else Loading doc/apps/x509.pod +3 −2 Original line number Diff line number Diff line Loading @@ -311,8 +311,9 @@ The default filename consists of the CA certificate file base name with =item B<-CAcreateserial filename> with this option the CA serial number file is created if it does not exist: it will contain the serial number "01". Normally if the B<-CA> option is specified and the serial number file does not exist it is an error. it will contain the serial number "02" and the certificate being signed will have the 1 as its serial number. Normally if the B<-CA> option is specified and the serial number file does not exist it is an error. =item B<-extfile filename> Loading Loading
CHANGES +7 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,13 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1 for the first serial number and places 2 in the serial number file. This avoids problems when the root CA is created with serial number zero and the first user certificate has the same issuer name and serial number as the root CA. [Steve Henson] *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses the new code. Add documentation for this stuff. [Steve Henson] Loading
apps/x509.c +2 −2 Original line number Diff line number Diff line Loading @@ -943,8 +943,8 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, } else { ASN1_INTEGER_set(bs,0); BN_zero(serial); ASN1_INTEGER_set(bs,1); BN_one(serial); } } else Loading
doc/apps/x509.pod +3 −2 Original line number Diff line number Diff line Loading @@ -311,8 +311,9 @@ The default filename consists of the CA certificate file base name with =item B<-CAcreateserial filename> with this option the CA serial number file is created if it does not exist: it will contain the serial number "01". Normally if the B<-CA> option is specified and the serial number file does not exist it is an error. it will contain the serial number "02" and the certificate being signed will have the 1 as its serial number. Normally if the B<-CA> option is specified and the serial number file does not exist it is an error. =item B<-extfile filename> Loading
