New option to CA.pl to sign request using CA extensions.

This allows intermediate CAs to be created more easily. PKCS12_create() now checks private key matches certificate. Fix typo in x509 app. Update docs. New function ASN1_STRING_to_UTF8() converts any ASN1_STRING type to UTF8.
author: Dr. Stephen Henson <steve@openssl.org> 2000-08-24 23:24:18 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2000-08-24 23:24:18 +0000
commit: d428bf8c568c617bb3c3bd0ac3b326298e7b34b9 (patch)
tree: b2941d622c7d4dbd526afa82a9308016a04321fe /crypto/pkcs12
parent: d096b524afbdc371032d96d22f1686d88bfba0e9 (diff)
download: openssl-d428bf8c568c617bb3c3bd0ac3b326298e7b34b9.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index a5f17c51a7..5641a00898 100644
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -86,6 +86,8 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 		return NULL;
 	}
 
+	if(!X509_check_private_key(cert, pkey)) return NULL;
+
 	if(!(bags = sk_PKCS12_SAFEBAG_new (NULL))) {
 		PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE);
 		return NULL;
author	Dr. Stephen Henson <steve@openssl.org>	2000-08-24 23:24:18 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2000-08-24 23:24:18 +0000
commit	d428bf8c568c617bb3c3bd0ac3b326298e7b34b9 (patch)
tree	b2941d622c7d4dbd526afa82a9308016a04321fe /crypto/pkcs12
parent	d096b524afbdc371032d96d22f1686d88bfba0e9 (diff)
download	openssl-d428bf8c568c617bb3c3bd0ac3b326298e7b34b9.tar.gz