x509: use actual issuer name if a CA is used

author Daniel Fiala <daniel@openssl.org>

Mon, 18 Apr 2022 09:30:13 +0000 (11:30 +0200)

committer Tomas Mraz <tomas@openssl.org>

Mon, 25 Apr 2022 12:02:14 +0000 (14:02 +0200)
author Daniel Fiala <daniel@openssl.org>
Mon, 18 Apr 2022 09:30:13 +0000 (11:30 +0200)
committer Tomas Mraz <tomas@openssl.org>
Mon, 25 Apr 2022 12:02:14 +0000 (14:02 +0200)
diff --git a/apps/x509.c b/apps/x509.c

index 1043eba0c8a03da5f8f921c0e9d99f7b84c07a9f..2329d9b2d407846f267eeb8135b0bffaef97de5e 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -590,6 +590,8 @@ int x509_main(int argc, char **argv)
          xca = load_cert(CAfile, CAformat, "CA Certificate");
          if (xca == NULL)
              goto end;
+        if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
+            goto end;
      }
  
      out = bio_open_default(outfile, 'w', outformat);
@@ -987,8 +989,6 @@ static int x509_certify(X509_STORE *ctx, const char *CAfile, const EVP_MD *diges
          goto end;
      }
  
-    if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
-        goto end;
      if (!X509_set_serialNumber(x, bs))
          goto end;
author	Daniel Fiala <daniel@openssl.org>
	Mon, 18 Apr 2022 09:30:13 +0000 (11:30 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 25 Apr 2022 12:02:14 +0000 (14:02 +0200)