diff options
| -rw-r--r-- | src/certtool.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c index 88f8fc52f1..a755e1bca3 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -1085,6 +1085,8 @@ static void update_signed_certificate(common_info_st * cinfo) gnutls_x509_crt_t crt; int result; gnutls_privkey_t ca_key; + gnutls_privkey_t pkey; + gnutls_pubkey_t pubkey; gnutls_x509_crt_t ca_crt; gnutls_datum_t out; time_t tim; @@ -1092,6 +1094,7 @@ static void update_signed_certificate(common_info_st * cinfo) fprintf(stdlog, "Generating a signed certificate...\n"); + ca_key = load_ca_private_key(cinfo); ca_crt = load_ca_cert(1, cinfo); crt = load_cert(1, cinfo); @@ -1107,7 +1110,6 @@ static void update_signed_certificate(common_info_st * cinfo) } tim = get_expiration_date(); - result = gnutls_x509_crt_set_expiration_time(crt, tim); if (result < 0) { fprintf(stderr, "set_expiration: %s\n", @@ -1115,6 +1117,19 @@ static void update_signed_certificate(common_info_st * cinfo) app_exit(1); } + pkey = load_private_key(0, cinfo); + pubkey = load_public_key_or_import(0, pkey, cinfo); + + if (pubkey) { + fprintf(stderr, "Updating public key\n"); + result = gnutls_x509_crt_set_pubkey(crt, pubkey); + if (result < 0) { + fprintf(stderr, "cannot set public key: %s\n", + gnutls_strerror(result)); + app_exit(1); + } + } + fprintf(stderr, "\n\nSigning certificate...\n"); if (cinfo->rsa_pss_sign) |