summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/certtool.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c
index 88f8fc52f1..a755e1bca3 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1085,6 +1085,8 @@ static void update_signed_certificate(common_info_st * cinfo)
gnutls_x509_crt_t crt;
int result;
gnutls_privkey_t ca_key;
+ gnutls_privkey_t pkey;
+ gnutls_pubkey_t pubkey;
gnutls_x509_crt_t ca_crt;
gnutls_datum_t out;
time_t tim;
@@ -1092,6 +1094,7 @@ static void update_signed_certificate(common_info_st * cinfo)
fprintf(stdlog, "Generating a signed certificate...\n");
+
ca_key = load_ca_private_key(cinfo);
ca_crt = load_ca_cert(1, cinfo);
crt = load_cert(1, cinfo);
@@ -1107,7 +1110,6 @@ static void update_signed_certificate(common_info_st * cinfo)
}
tim = get_expiration_date();
-
result = gnutls_x509_crt_set_expiration_time(crt, tim);
if (result < 0) {
fprintf(stderr, "set_expiration: %s\n",
@@ -1115,6 +1117,19 @@ static void update_signed_certificate(common_info_st * cinfo)
app_exit(1);
}
+ pkey = load_private_key(0, cinfo);
+ pubkey = load_public_key_or_import(0, pkey, cinfo);
+
+ if (pubkey) {
+ fprintf(stderr, "Updating public key\n");
+ result = gnutls_x509_crt_set_pubkey(crt, pubkey);
+ if (result < 0) {
+ fprintf(stderr, "cannot set public key: %s\n",
+ gnutls_strerror(result));
+ app_exit(1);
+ }
+ }
+
fprintf(stderr, "\n\nSigning certificate...\n");
if (cinfo->rsa_pss_sign)