pki: Use serial of base CRL for delta CRLs

According to RFC 5280 delta CRLs and complete CRLs MUST share one
numbering sequence.

diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index 6c27289f9c6183d8ba6f750476f2c4a2feaeda3a..6d873d326f507608bfea6d1b1da3de9bafe74770 100644 (file)
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -369,7 +369,10 @@ static int sign_crl()
        }
        else
        {
-               crl_serial = chunk_from_chars(0x00);
+               if (!crl_serial.ptr)
+               {
+                       crl_serial = chunk_from_chars(0x00);
+               }
                lastenum = enumerator_create_empty();
        }